## Updated at UTC 2025-07-01T05:21:19.410910

Access data as JSON

CVE CVSS EPSS Posts Repos Nuclei Updated Description
CVE-2025-6824 8.8 0.14% 2 0 2025-07-01T03:31:37 A vulnerability classified as critical has been found in TOTOLINK X15 up to 1.0.
CVE-2025-53095 9.6 0.00% 1 0 2025-07-01T02:15:22.563000 Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.
CVE-2025-49521 8.8 0.00% 2 0 2025-07-01T02:15:22.310000 A flaw was found in the EDA component of the Ansible Automation Platform, where
CVE-2025-49520 8.8 0.00% 2 0 2025-07-01T02:15:22.190000 A flaw was found in Ansible Automation Platform’s EDA component where user-suppl
CVE-2025-26074 9.8 0.00% 2 0 2025-06-30T22:16:54 Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS command
CVE-2025-6554 0 0.00% 3 0 2025-06-30T22:15:29.873000 Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote at
CVE-2025-45931 9.8 0.00% 2 0 2025-06-30T21:31:52 An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote a
CVE-2025-6916 8.8 0.00% 2 1 2025-06-30T21:15:32.730000 A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.
CVE-2025-32463 9.3 0.00% 8 0 2025-06-30T21:15:30.257000 Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswi
CVE-2025-32462 2.8 0.00% 7 0 2025-06-30T21:15:30.080000 Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that i
CVE-2025-5730 4.3 0.02% 1 0 2025-06-30T19:15:25.183000 The Contact Form Plugin WordPress plugin before 1.1.29 does not sanitise and esc
CVE-2025-45729 6.3 0.03% 2 0 2025-06-30T18:38:48.477000 D-Link DIR-823-Pro 1.02 has improper permission control, allowing unauthorized u
CVE-2025-47823 2.2 0.01% 2 0 2025-06-30T18:38:48.477000 Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have a
CVE-2025-47824 2.0 0.01% 2 0 2025-06-30T18:38:48.477000 Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have c
CVE-2025-3699 9.8 0.17% 2 0 2025-06-30T18:38:48.477000 Missing Authentication for Critical Function vulnerability in Mitsubishi Electri
CVE-2025-6897 5.5 0.55% 2 0 2025-06-30T18:38:23.493000 A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1.
CVE-2025-6881 8.8 0.04% 2 0 2025-06-30T18:38:23.493000 A vulnerability was found in D-Link DI-8100 16.07.21. It has been rated as criti
CVE-2025-53391 9.3 0.01% 2 0 2025-06-30T18:38:23.493000 The Debian zuluPolkit/CMakeLists.txt file for zuluCrypt through the zulucrypt_6.
CVE-2025-24290 9.9 0.03% 3 0 2025-06-30T18:38:23.493000 Multiple Authenticated SQL Injection vulnerabilities found in UISP Application (
CVE-2025-53091 0 0.07% 1 0 2025-06-30T18:38:23.493000 WeGIA is an open source web manager with a focus on the Portuguese language and
CVE-2025-3248 None 92.36% 2 18 template 2025-06-30T14:54:13 Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v
CVE-2024-8419 7.5 0.15% 1 0 2025-06-30T12:30:52 The endpoint hosts a script that allows an unauthorized remote attacker to put t
CVE-2025-6899 6.3 0.63% 2 0 2025-06-30T09:30:35 A vulnerability, which was classified as critical, was found in D-Link DI-7300G+
CVE-2025-53415 7.8 0.26% 1 0 2025-06-30T09:30:35 Delta Electronics DTM Soft Project File Parsing Deserialization of Untrusted Dat
CVE-2025-6898 6.3 0.63% 2 0 2025-06-30T09:30:30 A vulnerability, which was classified as critical, has been found in D-Link DI-7
CVE-2025-6896 6.3 0.63% 2 0 2025-06-30T09:30:30 A vulnerability classified as critical has been found in D-Link DI-7300G+ 19.12.
CVE-2025-6887 8.8 0.09% 3 0 2025-06-30T06:30:33 A vulnerability was found in Tenda AC5 15.03.06.47 and classified as critical. A
CVE-2025-6886 8.8 0.09% 4 0 2025-06-30T06:30:33 A vulnerability has been found in Tenda AC5 15.03.06.47 and classified as critic
CVE-2025-6019 7.0 0.02% 3 3 2025-06-30T03:31:34 A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Gener
CVE-2025-6882 8.8 0.04% 3 0 2025-06-30T03:30:39 A vulnerability classified as critical has been found in D-Link DIR-513 1.0. Thi
CVE-2025-6825 8.8 0.14% 2 0 2025-06-28T21:30:35 A vulnerability classified as critical was found in TOTOLINK A702R up to 4.0.0-B
CVE-2025-52570 None 0.06% 2 0 2025-06-27T23:08:47 ### Impact The connection limiter is implemented incorrectly. It allows an arbi
CVE-2025-6620 6.3 1.94% 2 0 2025-06-27T18:31:47 A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been rated as c
CVE-2025-6618 6.3 1.94% 2 0 2025-06-27T18:31:47 A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been classified
CVE-2025-6619 6.3 1.94% 2 0 2025-06-27T18:31:47 A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared a
CVE-2025-6621 6.3 1.94% 2 0 2025-06-27T18:31:47 A vulnerability classified as critical has been found in TOTOLINK CA300-PoE 6.2c
CVE-2025-49853 9.1 0.05% 1 0 2025-06-27T18:31:47 ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to SQL
CVE-2025-6522 5.4 0.03% 2 0 2025-06-27T18:30:51 Unauthenticated users on an adjacent network with the Sight Bulb Pro can run sh
CVE-2025-6568 8.8 0.17% 2 0 2025-06-27T18:30:43 A vulnerability classified as critical has been found in TOTOLINK EX1200T 4.1.2c
CVE-2024-51978 9.8 2.05% 5 1 template 2025-06-27T15:32:26 An unauthenticated attacker who knows the target device's serial number, can gen
CVE-2025-6705 None 0.04% 2 0 2025-06-27T15:31:41 On open-vsx.org http://open-vsx.org/  it was possible to run an arbitrary build
CVE-2024-54085 9.8 9.47% 3 1 2025-06-27T12:32:19 AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authe
CVE-2025-6751 8.8 0.08% 2 0 2025-06-27T06:31:22 A vulnerability, which was classified as critical, was found in Linksys E8450 up
CVE-2025-6752 8.8 0.08% 2 0 2025-06-27T06:31:22 A vulnerability has been found in Linksys WRT1900ACS, EA7200, EA7450 and EA7500
CVE-2025-47821 2.2 0.01% 2 0 2025-06-27T03:30:47 Flock Safety Gunshot Detection devices before 1.3 have a hardcoded password for
CVE-2025-47822 6.4 0.02% 2 0 2025-06-27T03:30:47 Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have a
CVE-2025-47819 6.4 0.02% 2 0 2025-06-27T03:30:47 Flock Safety Gunshot Detection devices before 1.3 have an on-chip debug interfac
CVE-2025-47818 2.2 0.01% 2 0 2025-06-27T03:30:41 Flock Safety Gunshot Detection devices before 1.3 have a hard-coded password for
CVE-2025-6734 8.8 0.04% 2 0 2025-06-27T00:32:15 A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been rate
CVE-2025-6732 8.8 0.04% 2 0 2025-06-27T00:32:15 A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been clas
CVE-2025-6561 9.8 0.08% 1 0 2025-06-26T21:31:28 Certain hybrid DVR models ((HBF-09KD and HBF-16NK)) from Hunt Electronic have an
CVE-2025-6627 8.8 0.14% 2 0 2025-06-26T21:31:22 A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classi
CVE-2025-6616 8.8 0.08% 2 0 2025-06-26T21:31:21 A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as crit
CVE-2025-36038 9.1 0.19% 3 0 2025-06-26T21:31:21 IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to ex
CVE-2025-6617 8.8 0.08% 2 0 2025-06-26T21:31:20 A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as critical.
CVE-2025-6614 8.8 0.08% 2 0 2025-06-26T21:31:20 A vulnerability, which was classified as critical, has been found in D-Link DIR-
CVE-2025-20281 9.8 0.11% 7 1 2025-06-26T21:31:20 A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an
CVE-2025-6543 None 0.06% 16 2 2025-06-26T21:31:20 Memory overflow vulnerability leading to unintended control flow and Denial of S
CVE-2025-32977 9.7 0.02% 2 0 2025-06-26T21:31:13 Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x bef
CVE-2025-32978 7.5 0.06% 2 0 2025-06-26T21:31:13 Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x bef
CVE-2025-23264 7.8 0.02% 1 0 2025-06-26T21:31:13 NVIDIA Megatron-LM for all platforms contains a vulnerability in a python compon
CVE-2025-23265 7.8 0.02% 1 0 2025-06-26T21:31:13 NVIDIA Megatron-LM for all platforms contains a vulnerability in a python compon
CVE-2025-49151 9.1 0.09% 1 0 2025-06-26T21:31:13 MICROSENS NMP Web+ could allow an unauthenticated attacker to generate forged JS
CVE-2025-20264 6.4 0.05% 1 0 2025-06-26T21:31:12 A vulnerability in the web-based management interface of Cisco Identity Services
CVE-2025-6565 8.8 0.19% 2 0 2025-06-26T21:31:09 A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified a
CVE-2025-32976 8.8 0.10% 2 0 2025-06-26T21:31:09 Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x bef
CVE-2025-48469 9.7 0.04% 2 0 2025-06-26T21:31:08 Successful exploitation of the vulnerability could allow an unauthenticated atta
CVE-2025-6559 9.8 0.62% 2 0 2025-06-26T21:31:08 Multiple wireless router models from Sapido have an OS Command Injection vulnera
CVE-2025-6560 9.8 0.11% 2 0 2025-06-26T21:31:08 Multiple wireless router models from Sapido have an Exposure of Sensitive Inform
CVE-2025-34037 None 2.46% 2 0 2025-06-26T21:31:08 An OS command injection vulnerability exists in various models of E-Series Links
CVE-2025-34041 None 1.03% 2 0 2025-06-26T21:31:08 An OS command injection vulnerability exists in the Chinese versions of Sangfor
CVE-2025-20282 10.0 0.10% 7 0 2025-06-26T20:35:33.577000 A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an
CVE-2025-36537 7.0 0.01% 3 0 2025-06-26T18:58:14.280000 Incorrect Permission Assignment for Critical Resource in the TeamViewer Client (
CVE-2025-32975 10.0 0.12% 2 0 2025-06-26T18:58:14.280000 Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x bef
CVE-2025-34034 0 0.05% 2 0 2025-06-26T18:58:14.280000 A hardcoded credential vulnerability exists in the Blue Angel Software Suite dep
CVE-2025-23260 5.0 0.03% 1 0 2025-06-26T18:58:14.280000 NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gai
CVE-2025-34042 0 0.52% 2 0 2025-06-26T18:57:43.670000 An authenticated command injection vulnerability exists in the Beward N100 IP Ca
CVE-2025-34043 0 0.32% 2 0 2025-06-26T18:57:43.670000 A remote command injection vulnerability exists in Vacron Network Video Recorder
CVE-2025-6615 8.8 0.08% 2 0 2025-06-26T18:57:43.670000 A vulnerability, which was classified as critical, was found in D-Link DIR-619L
CVE-2025-49153 9.8 0.17% 1 0 2025-06-26T18:57:43.670000 MICROSENS NMP Web+ could allow an unauthenticated attacker to overwrite files a
CVE-2025-34049 None 0.50% 2 0 2025-06-26T18:31:35 An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router
CVE-2025-6709 7.5 0.09% 7 0 2025-06-26T18:31:35 The MongoDB Server is susceptible to a denial of service vulnerability due to im
CVE-2025-34048 None 0.22% 2 0 2025-06-26T18:31:34 A path traversal vulnerability exists in the web management interface of D-Link
CVE-2025-34044 None 0.09% 2 0 2025-06-26T18:31:34 A remote command injection vulnerability exists in the confirm.php interface of
CVE-2024-11584 5.9 0.01% 1 0 2025-06-26T18:31:26 cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.s
CVE-2024-6174 8.8 0.02% 2 0 2025-06-26T18:31:25 When a non-x86 platform is detected, cloud-init grants root access to a hardcode
CVE-2025-6336 8.8 0.17% 1 0 2025-06-26T18:31:21 A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. It has bee
CVE-2025-6399 8.8 0.17% 2 0 2025-06-25T20:13:30.100000 A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0
CVE-2025-6373 8.8 0.03% 2 0 2025-06-25T20:10:16.027000 A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as crit
CVE-2025-6486 8.8 0.14% 2 0 2025-06-25T19:31:37.533000 A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been d
CVE-2025-6218 7.8 0.65% 8 2 2025-06-25T19:03:33.817000 RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vuln
CVE-2025-49851 None 0.07% 1 0 2025-06-24T21:30:36 ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an
CVE-2025-2566 None 0.13% 1 0 2025-06-24T21:30:36 Kaleris NAVIS N4 ULC (Ultra Light Client) contains an unsafe Java deserializatio
CVE-2025-5087 None 0.02% 1 0 2025-06-24T21:30:35 Kaleris NAVIS N4 ULC (Ultra Light Client) communicates insecurely using zlib-com
CVE-2025-44531 7.5 0.05% 2 0 2025-06-24T21:30:28 An issue in Realtek RTL8762EKF-EVB RTL8762E SDK v1.4.0 allows attackers to cause
CVE-2024-56731 10.0 0.33% 3 0 2025-06-24T19:00:21 ### Summary Due to the insufficient patch for the CVE-2024-39931, it's still pos
CVE-2025-6545 None 0.09% 1 0 2025-06-23T22:41:52 ### Summary This affects both: 1. Unsupported algos (e.g. `sha3-256` / `sha3-5
CVE-2025-4563 2.7 0.02% 2 0 2025-06-23T22:41:42 A vulnerability exists in the NodeRestriction admission controller where nodes c
CVE-2025-6374 8.8 0.03% 2 0 2025-06-23T21:31:56 A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as critical.
CVE-2025-6400 8.8 0.17% 2 0 2025-06-23T21:31:56 A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101 and classified
CVE-2025-6402 8.8 0.16% 2 0 2025-06-23T21:31:56 A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been decl
CVE-2025-4981 9.9 0.23% 1 0 2025-06-23T20:16:40.143000 Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.
CVE-2025-49144 7.3 0.01% 5 5 2025-06-23T20:16:21.633000 Notepad++ is a free and open-source source code editor. In versions 8.8.1 and pr
CVE-2025-49132 10.0 23.69% 2 5 template 2025-06-23T20:16:21.633000 Pterodactyl is a free, open-source game server management panel. Prior to versio
CVE-2025-6393 8.8 0.65% 2 0 2025-06-23T20:16:21.633000 A vulnerability was found in TOTOLINK A702R, A3002R, A3002RU and EX1200T 3.0.0-B
CVE-2025-34029 0 1.10% 2 0 2025-06-23T20:16:21.633000 An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmw
CVE-2025-6510 8.8 0.19% 2 0 2025-06-23T20:16:21.633000 A vulnerability was found in Netgear EX6100 1.0.2.28_1.1.138. It has been rated
CVE-2025-50054 5.5 0.01% 2 0 2025-06-23T18:31:23 Buffer overflow in OpenVPN ovpn-dco-win version 1.3.0 and earlier and version 2.
CVE-2025-48706 9.1 0.06% 1 0 2025-06-23T18:31:23 An issue was discovered in COROS PACE 3 through 3.0808.0. Due to an out-of-bound
CVE-2025-6511 8.8 0.19% 2 0 2025-06-23T18:30:33 A vulnerability classified as critical has been found in Netgear EX6150 1.0.0.46
CVE-2025-6487 8.8 0.14% 2 0 2025-06-22T18:30:31 A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been r
CVE-2025-6372 8.8 0.03% 2 0 2025-06-21T00:30:38 A vulnerability, which was classified as critical, was found in D-Link DIR-619L
CVE-2025-6371 8.8 0.06% 2 0 2025-06-21T00:30:38 A vulnerability, which was classified as critical, has been found in D-Link DIR-
CVE-2025-6370 8.8 0.03% 2 0 2025-06-21T00:30:38 A vulnerability classified as critical was found in D-Link DIR-619L 2.06B01. Aff
CVE-2025-6368 8.8 0.03% 2 0 2025-06-21T00:30:37 A vulnerability was found in D-Link DIR-619L 2.06B01. It has been rated as criti
CVE-2025-6369 8.8 0.03% 2 0 2025-06-21T00:30:37 A vulnerability classified as critical has been found in D-Link DIR-619L 2.06B01
CVE-2025-6367 8.8 0.03% 2 0 2025-06-20T21:32:14 A vulnerability was found in D-Link DIR-619L 2.06B01. It has been declared as cr
CVE-2025-34024 None 0.64% 2 0 2025-06-20T21:32:14 An OS command injection vulnerability exists in the Edimax EW-7438RPn firmware v
CVE-2025-34022 None 0.26% 2 0 2025-06-20T21:32:13 A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-A
CVE-2025-34021 None 0.06% 2 0 2025-06-20T21:32:13 A server-side request forgery (SSRF) vulnerability exists in multiple Selea Targ
CVE-2025-33117 9.1 0.06% 1 0 2025-06-19T18:31:56 IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged us
CVE-2025-20260 9.8 0.14% 1 0 2025-06-18T18:30:39 A vulnerability in the PDF scanning processes of ClamAV could allow an unauthent
CVE-2023-0386 7.8 57.63% 2 14 2025-06-18T15:00:59.680000 A flaw was found in the Linux kernel, where unauthorized access to the execution
CVE-2025-49825 9.8 0.24% 3 0 2025-06-18T14:15:12 ### Impact A full technical disclosure and open-source patch will be published
CVE-2025-5349 0 0.03% 2 0 2025-06-17T20:50:23.507000 Improper access control on the NetScaler Management Interface in NetScaler ADC a
CVE-2025-5777 None 0.06% 13 2 2025-06-17T15:31:16 Insufficient input validation leading to memory overread on the NetScaler Manage
CVE-2023-33538 8.8 90.63% 1 2 2025-06-16T21:32:22 TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to
CVE-2025-36852 None 0.04% 1 0 2025-06-10T21:31:31 A critical security vulnerability exists in remote cache extensions for common b
CVE-2024-47081 5.3 0.06% 1 0 2025-06-09T19:06:12 ### Impact Due to a URL parsing issue, Requests releases prior to 2.32.4 may le
CVE-2025-20130 4.9 0.04% 1 0 2025-06-05T20:12:23.777000 A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE
CVE-2025-4322 9.8 24.99% 1 3 template 2025-05-21T20:25:16.407000 The Motors theme for WordPress is vulnerable to privilege escalation via account
CVE-2025-4428 7.2 21.12% 1 2 2025-05-21T18:45:24.800000 Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.
CVE-2024-6866 5.3 0.05% 1 0 2025-05-17T18:55:58 corydolphin/flask-cors version 5.0.1 contains a vulnerability where the request
CVE-2024-6844 5.3 0.05% 1 0 2025-05-17T18:54:45 A vulnerability in corydolphin/flask-cors version 5.0.1 allows for inconsistent
CVE-2025-4679 6.5 0.05% 2 0 2025-05-16T09:30:42 A vulnerability in Synology Active Backup for Microsoft 365 allows remote authen
CVE-2023-20198 10.0 94.03% 1 30 template 2025-05-15T18:37:33.893000 Cisco is providing an update for the ongoing investigation into observed exploit
CVE-2025-0133 None 2.10% 1 4 template 2025-05-14T21:31:25 A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gatew
CVE-2025-1087 None 0.21% 1 0 2025-05-09T12:31:40 Kong Insomnia Desktop Application before 11.0.2 contains a template injection vu
CVE-2025-32011 9.8 0.32% 1 0 2025-05-02T15:31:52 KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication bypass vulne
CVE-2025-35996 9.1 0.09% 1 0 2025-05-02T15:31:45 KUNBUS PiCtory version 2.11.1 and earlier are vulnerable when an authenticated r
CVE-2025-36558 6.1 0.06% 1 0 2025-05-02T13:52:51.693000 KUNBUS PiCtory version 2.11.1 and earlier are vulnerable to a cross-site-scripti
CVE-2024-39931 9.9 1.37% 2 0 2025-04-10T13:43:51.257000 Gogs through 0.13.0 allows deletion of internal files.
CVE-2025-1974 9.8 87.05% 1 22 template 2025-03-27T16:45:46.410000 A security issue was discovered in Kubernetes where under certain conditions, an
CVE-2024-6839 4.3 0.05% 1 0 2025-03-20T10:15:33.743000 corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vu
CVE-2025-1767 6.5 0.04% 1 0 2025-03-14T17:30:07 A security vulnerability was discovered in Kubernetes that could allow a user wi
CVE-2023-28771 9.8 94.35% 3 2 2025-03-13T16:16:59.950000 Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.6
CVE-2022-22965 9.8 94.46% 1 99 template 2025-01-29T18:38:40 Spring Framework prior to versions 5.2.20 and 5.3.18 contains a remote code exec
CVE-2025-0056 6.0 0.02% 2 0 2025-01-14T03:31:48 SAP GUI for Java saves user input on the client PC to improve usability. An atta
CVE-2025-0055 6.0 0.02% 2 0 2025-01-14T03:31:48 SAP GUI for Windows stores user input on the client PC to improve usability. Und
CVE-2019-6693 6.5 76.49% 2 3 2024-04-11T21:02:46 Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS config
CVE-2023-36934 9.1 91.69% 2 0 template 2024-04-04T05:23:52 In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.
CVE-2023-34362 9.8 94.48% 2 11 template 2024-04-04T04:29:06 In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.
CVE-2024-0769 5.3 75.56% 2 0 2024-01-21T09:30:39 ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06
CVE-2021-40444 7.8 94.29% 1 42 2024-01-06T05:06:00 Microsoft MSHTML Remote Code Execution Vulnerability
CVE-2025-47812 0 0.00% 2 0 N/A
CVE-2025-52562 0 1.48% 2 0 N/A
CVE-2025-53094 0 0.04% 2 0 N/A
CVE-2025-1234 0 0.00% 1 0 N/A
CVE-2024-21969 0 0.00% 1 0 N/A
CVE-2025-48703 0 0.00% 2 2 N/A
CVE-2025-52566 0 0.01% 1 0 N/A
CVE-2025-6018 0 0.00% 2 0 N/A
CVE-2025-52464 0 0.06% 1 0 N/A

CVE-2025-6824
(8.8 HIGH)

EPSS: 0.14%

updated 2025-07-01T03:31:37

2 posts

A vulnerability classified as critical has been found in TOTOLINK X15 up to 1.0.0-B20230714.1105. Affected is an unknown function of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-53095
(9.6 CRITICAL)

EPSS: 0.00%

updated 2025-07-01T02:15:22.563000

1 posts

Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Cross-Site Request Forgery (CSRF) attacks. This vulnerability allows an attacker to craft a malicious web page that, when visited by an authenticated user, can trigger unintended actions within the Sunshine application on behalf of that user. Specifically, since

offseq at 2025-07-01T03:01:18.709Z ##

🛡️ CRITICAL CSRF vuln in LizardByte Sunshine (<2025.628.4510): attackers can trigger admin-level OS commands via web UI if users visit malicious links. Patch to 2025.628.4510+ ASAP! CVE-2025-53095 radar.offseq.com/threat/cve-20

##

CVE-2025-49521
(8.8 HIGH)

EPSS: 0.00%

updated 2025-07-01T02:15:22.310000

2 posts

A flaw was found in the EDA component of the Ansible Automation Platform, where user-supplied Git branch or refspec values are evaluated as Jinja2 templates. This vulnerability allows authenticated users to inject expressions that execute commands or access sensitive files on the EDA worker. In OpenShift, it can lead to service account token theft.

cR0w at 2025-06-30T21:42:52.096Z ##

Post-auth sev:HIGH code injection and argument injection vulns in Ansible Automation Platform.

A flaw was found in Ansible Automation Platform’s EDA component where user-supplied Git URLs are passed unsanitized to the git ls-remote command. This vulnerability allows an authenticated attacker to inject arguments and execute arbitrary commands on the EDA worker. In Kubernetes/OpenShift environments, this can lead to service account token theft and cluster access.

bugzilla.redhat.com/show_bug.c

nvd.nist.gov/vuln/detail/CVE-2

A flaw was found in the EDA component of the Ansible Automation Platform, where user-supplied Git branch or refspec values are evaluated as Jinja2 templates. This vulnerability allows authenticated users to inject expressions that execute commands or access sensitive files on the EDA worker. In OpenShift, it can lead to service account token theft.

bugzilla.redhat.com/show_bug.c

nvd.nist.gov/vuln/detail/CVE-2

##

cR0w@infosec.exchange at 2025-06-30T21:42:52.000Z ##

Post-auth sev:HIGH code injection and argument injection vulns in Ansible Automation Platform.

A flaw was found in Ansible Automation Platform’s EDA component where user-supplied Git URLs are passed unsanitized to the git ls-remote command. This vulnerability allows an authenticated attacker to inject arguments and execute arbitrary commands on the EDA worker. In Kubernetes/OpenShift environments, this can lead to service account token theft and cluster access.

bugzilla.redhat.com/show_bug.c

nvd.nist.gov/vuln/detail/CVE-2

A flaw was found in the EDA component of the Ansible Automation Platform, where user-supplied Git branch or refspec values are evaluated as Jinja2 templates. This vulnerability allows authenticated users to inject expressions that execute commands or access sensitive files on the EDA worker. In OpenShift, it can lead to service account token theft.

bugzilla.redhat.com/show_bug.c

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-49520
(8.8 HIGH)

EPSS: 0.00%

updated 2025-07-01T02:15:22.190000

2 posts

A flaw was found in Ansible Automation Platform’s EDA component where user-supplied Git URLs are passed unsanitized to the git ls-remote command. This vulnerability allows an authenticated attacker to inject arguments and execute arbitrary commands on the EDA worker. In Kubernetes/OpenShift environments, this can lead to service account token theft and cluster access.

cR0w at 2025-06-30T21:42:52.096Z ##

Post-auth sev:HIGH code injection and argument injection vulns in Ansible Automation Platform.

A flaw was found in Ansible Automation Platform’s EDA component where user-supplied Git URLs are passed unsanitized to the git ls-remote command. This vulnerability allows an authenticated attacker to inject arguments and execute arbitrary commands on the EDA worker. In Kubernetes/OpenShift environments, this can lead to service account token theft and cluster access.

bugzilla.redhat.com/show_bug.c

nvd.nist.gov/vuln/detail/CVE-2

A flaw was found in the EDA component of the Ansible Automation Platform, where user-supplied Git branch or refspec values are evaluated as Jinja2 templates. This vulnerability allows authenticated users to inject expressions that execute commands or access sensitive files on the EDA worker. In OpenShift, it can lead to service account token theft.

bugzilla.redhat.com/show_bug.c

nvd.nist.gov/vuln/detail/CVE-2

##

cR0w@infosec.exchange at 2025-06-30T21:42:52.000Z ##

Post-auth sev:HIGH code injection and argument injection vulns in Ansible Automation Platform.

A flaw was found in Ansible Automation Platform’s EDA component where user-supplied Git URLs are passed unsanitized to the git ls-remote command. This vulnerability allows an authenticated attacker to inject arguments and execute arbitrary commands on the EDA worker. In Kubernetes/OpenShift environments, this can lead to service account token theft and cluster access.

bugzilla.redhat.com/show_bug.c

nvd.nist.gov/vuln/detail/CVE-2

A flaw was found in the EDA component of the Ansible Automation Platform, where user-supplied Git branch or refspec values are evaluated as Jinja2 templates. This vulnerability allows authenticated users to inject expressions that execute commands or access sensitive files on the EDA worker. In OpenShift, it can lead to service account token theft.

bugzilla.redhat.com/show_bug.c

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-26074
(9.8 CRITICAL)

EPSS: 0.00%

updated 2025-06-30T22:16:54

2 posts

Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS commands through unrestricted access to Java classes.

cR0w at 2025-06-30T19:48:07.459Z ##

Not yet evaluated means no risk yet, right?

medium.com/@mrcnry/cve-2025-26

Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS commands through unrestricted access to Java classes.

##

cR0w@infosec.exchange at 2025-06-30T19:48:07.000Z ##

Not yet evaluated means no risk yet, right?

medium.com/@mrcnry/cve-2025-26

Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS commands through unrestricted access to Java classes.

##

CVE-2025-6554
(0 None)

EPSS: 0.00%

updated 2025-06-30T22:15:29.873000

3 posts

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

offseq at 2025-07-01T00:01:29.183Z ##

🔎 Chrome pre-138.0.7204.96 hit by HIGH severity type confusion (CVE-2025-6554) in V8. Remote attackers can read/write memory via malicious HTML. Patch now! radar.offseq.com/threat/cve-20

##

cR0w at 2025-06-30T21:39:13.652Z ##

Chrome patched a sev:HIGH CVE with an ITW exploit.

Google is aware that an exploit for CVE-2025-6554 exists in the wild.

chromereleases.googleblog.com/

##

cR0w@infosec.exchange at 2025-06-30T21:39:13.000Z ##

Chrome patched a sev:HIGH CVE with an ITW exploit.

Google is aware that an exploit for CVE-2025-6554 exists in the wild.

chromereleases.googleblog.com/

##

CVE-2025-45931
(9.8 CRITICAL)

EPSS: 0.00%

updated 2025-06-30T21:31:52

2 posts

An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to execute arbitrary code via system() function in the bin/goahead file

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6916
(8.8 HIGH)

EPSS: 0.00%

updated 2025-06-30T21:15:32.730000

2 posts

A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748_B20211015. This affects the function Form_Login of the file /formLoginAuth.htm. The manipulation of the argument authCode/goURL leads to missing authentication. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used.

1 repos

https://github.com/c0nyy/IoT_vuln

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-32463
(9.3 CRITICAL)

EPSS: 0.00%

updated 2025-06-30T21:15:30.257000

8 posts

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

offseq at 2025-07-01T04:31:35.925Z ##

🔴 CRITICAL: CVE-2025-32463 in Sudo <1.9.17p1 lets local users escalate to root by abusing --chroot and user-controlled /etc/nsswitch.conf. Identify & patch vulnerable systems, tighten controls. radar.offseq.com/threat/cve-20

##

leah@blahaj.social at 2025-06-30T20:40:42.000Z ##

Turns out sudo -f was implemented as sudo -R...
leahneukirchen.org/blog/archiv

stratascale.com/vulnerability-

##

lobsters@mastodon.social at 2025-06-30T20:20:09.000Z ##

CVE-2025-32463 Vulnerability Advisory: Sudo chroot Elevation of Privilege lobste.rs/s/srcfxn #linux #security
stratascale.com/vulnerability-

##

harrysintonen at 2025-06-30T16:57:52.489Z ##

Sudo versions 1.9.14 to 1.9.17 (inclusive) have two critical vulnerabilities:
- local privilege escalation via chroot option (CVE-2025-32463) openwall.com/lists/oss-securit
- local privilege escalation via host option (CVE-2025-32462) openwall.com/lists/oss-securit

##

darkoneko@shelter.moe at 2025-06-30T16:36:36.000Z ##

Oula, une vulnérabilité sur "sudo" ubuntu.com/security/CVE-2025-3

> An attacker can leverage sudo’s `-R` (`--chroot`) option to run arbitrary commands as root, even if they are not listed in the sudoers file. Sudo versions 1.9.14 to 1.9.17 inclusive are affected.

##

leah@blahaj.social at 2025-06-30T20:40:42.000Z ##

Turns out sudo -f was implemented as sudo -R...
leahneukirchen.org/blog/archiv

stratascale.com/vulnerability-

##

lobsters@mastodon.social at 2025-06-30T20:20:09.000Z ##

CVE-2025-32463 Vulnerability Advisory: Sudo chroot Elevation of Privilege lobste.rs/s/srcfxn #linux #security
stratascale.com/vulnerability-

##

harrysintonen@infosec.exchange at 2025-06-30T16:57:52.000Z ##

Sudo versions 1.9.14 to 1.9.17 (inclusive) have two critical vulnerabilities:
- local privilege escalation via chroot option (CVE-2025-32463) openwall.com/lists/oss-securit
- local privilege escalation via host option (CVE-2025-32462) openwall.com/lists/oss-securit

#cve_2025_32463 #cve_2025_32462 #infosec #cybersecurity

##

CVE-2025-32462
(2.8 LOW)

EPSS: 0.00%

updated 2025-06-30T21:15:30.080000

7 posts

Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.

harrysintonen at 2025-06-30T16:57:52.489Z ##

Sudo versions 1.9.14 to 1.9.17 (inclusive) have two critical vulnerabilities:
- local privilege escalation via chroot option (CVE-2025-32463) openwall.com/lists/oss-securit
- local privilege escalation via host option (CVE-2025-32462) openwall.com/lists/oss-securit

##

decio at 2025-06-30T15:59:09.156Z ##

𝐬𝐮𝐝𝐨 -𝐡 𝐡𝐨𝐬𝐭

Turns out the "h" stands for "hold my beer". 🍺 😅
⬇️
Local Privilege Escalation via host option

Sudo’s host (-h or --host) option is intended to be used in conjunction with the list option (-l or --list) to list a user’s sudo privileges on a host other than the current one. However, due to a bug it was not restricted to listing privileges and could be used when running a command via sudo or editing a file with sudoedit. Depending on the rules present in the sudoers file this could allow a local privilege escalation attack.

Sudo versions 1.8.8 to 1.9.17 inclusive are affected.
👇
sudo.ws/security/advisories/ho

[related]

Vulnerability Advisory: Sudo Host Option Elevation of Privilege
👇
stratascale.com/vulnerability-

##

bortzmeyer@mastodon.gougere.fr at 2025-06-30T15:23:57.000Z ##

Setting up sudo (1.9.13p3-1+deb12u2) ...

Et hop, CVE-2025-32462 ne passera pas par moi. tracker.debian.org/news/164997

##

bearstech@mamot.fr at 2025-06-30T15:19:09.000Z ##

⚠️ Faille Sudo, il faut corriger rapidement.

CVE-2025-32462 : une faille dans sudo permet l’escalade de privilèges locaux via l’option host (V)

TL;DR : Faille de type "Trust me bro on est sur une autre machine lance la commande". (L)

👉 sudo.ws/security/advisories/ho

##

harrysintonen@infosec.exchange at 2025-06-30T16:57:52.000Z ##

Sudo versions 1.9.14 to 1.9.17 (inclusive) have two critical vulnerabilities:
- local privilege escalation via chroot option (CVE-2025-32463) openwall.com/lists/oss-securit
- local privilege escalation via host option (CVE-2025-32462) openwall.com/lists/oss-securit

#cve_2025_32463 #cve_2025_32462 #infosec #cybersecurity

##

decio@infosec.exchange at 2025-06-30T15:59:09.000Z ##

𝐬𝐮𝐝𝐨 -𝐡 𝐡𝐨𝐬𝐭

Turns out the "h" stands for "hold my beer". 🍺 😅
⬇️
Local Privilege Escalation via host option

Sudo’s host (-h or --host) option is intended to be used in conjunction with the list option (-l or --list) to list a user’s sudo privileges on a host other than the current one. However, due to a bug it was not restricted to listing privileges and could be used when running a command via sudo or editing a file with sudoedit. Depending on the rules present in the sudoers file this could allow a local privilege escalation attack.

Sudo versions 1.8.8 to 1.9.17 inclusive are affected.
👇
sudo.ws/security/advisories/ho

[related]

Vulnerability Advisory: Sudo Host Option Elevation of Privilege
👇
stratascale.com/vulnerability-

#CyberVeille #sudo #CVE_2025_32462

##

bortzmeyer@mastodon.gougere.fr at 2025-06-30T15:23:57.000Z ##

Setting up sudo (1.9.13p3-1+deb12u2) ...

Et hop, CVE-2025-32462 ne passera pas par moi. tracker.debian.org/news/164997

##

CVE-2025-5730
(4.3 MEDIUM)

EPSS: 0.02%

updated 2025-06-30T19:15:25.183000

1 posts

The Contact Form Plugin WordPress plugin before 1.1.29 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks.

offseq at 2025-06-30T07:31:27.532Z ##

🔒 CVE-2025-5730: HIGH severity stored XSS in Contact Form Plugin <1.1.29 for WordPress. Contributor roles can persistently inject scripts—risking admin compromise & data leaks. Restrict access, monitor logs, and prep for a patch. radar.offseq.com/threat/cve-20

##

CVE-2025-45729
(6.3 MEDIUM)

EPSS: 0.03%

updated 2025-06-30T18:38:48.477000

2 posts

D-Link DIR-823-Pro 1.02 has improper permission control, allowing unauthorized users to turn on and access Telnet services.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-47823
(2.2 LOW)

EPSS: 0.01%

updated 2025-06-30T18:38:48.477000

2 posts

Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have a hardcoded password for a system.

CVE-2025-47824
(2.0 LOW)

EPSS: 0.01%

updated 2025-06-30T18:38:48.477000

2 posts

Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have cleartext storage of code.

CVE-2025-3699
(9.8 CRITICAL)

EPSS: 0.17%

updated 2025-06-30T18:38:48.477000

2 posts

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation G-50 Version 3.37 and prior, G-50-W Version 3.37 and prior, G-50A Version 3.37 and prior, GB-50 Version 3.37 and prior, GB-50A Version 3.37 and prior, GB-24A Version 9.12 and prior, G-150AD Version 3.21 and prior, AG-150A-A Version 3.21 and prior, AG-150A-J Version 3.21 and prior, GB-50AD Version 3.21 and

jos1264@social.skynetcloud.site at 2025-06-29T21:55:02.000Z ##

CVE-2025-3699: la puerta trasera (no intencionada) en los HVAC de Mitsubishi Electric hackplayers.com/2025/06/cve-20 #vulnerabilidades #amenazas #IoT #OT

##

beyondmachines1@infosec.exchange at 2025-06-28T11:01:25.000Z ##

Critical vulnerability exposes Mitsubishi Electric Air Conditioning Controllers to remote takeover

CISA has reported a critical vulnerability (CVE-2025-3699) in Mitsubishi Electric air conditioning control systems that allows remote unauthenticated attackers to bypass login mechanisms and gain unauthorized control over industrial HVAC infrastructure through missing authentication protections.

**If you have Mitsubishi Electric air conditioning controllers, make sure they are isolated from the internet and accessible only from trusted networks. Also make sure thar physical access to HVAC control panels is properly secured. Then contact Mitsubishi Electric for patch availability.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-6897
(5.5 MEDIUM)

EPSS: 0.55%

updated 2025-06-30T18:38:23.493000

2 posts

A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1. Affected by this vulnerability is an unknown functionality of the file httpd_debug.asp. The manipulation of the argument Time leads to os command injection. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6881
(8.8 HIGH)

EPSS: 0.04%

updated 2025-06-30T18:38:23.493000

2 posts

A vulnerability was found in D-Link DI-8100 16.07.21. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pppoe_base.asp of the component jhttpd. The manipulation of the argument mschap_en leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-53391
(9.3 CRITICAL)

EPSS: 0.01%

updated 2025-06-30T18:38:23.493000

2 posts

The Debian zuluPolkit/CMakeLists.txt file for zuluCrypt through the zulucrypt_6.2.0-1 package has insecure PolicyKit allow_any/allow_inactive/allow_active settings that allow a local user to escalate their privileges to root.

cR0w at 2025-06-30T13:59:29.109Z ##

That's kind of a fun PrivEsc.

sev:CRIT 9.3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

The Debian zuluPolkit/CMakeLists.txt file for zuluCrypt through the zulucrypt_6.2.0-1 package has insecure PolicyKit allow_any/allow_inactive/allow_active settings that allow a local user to escalate their privileges to root.

nvd.nist.gov/vuln/detail/CVE-2

##

cR0w@infosec.exchange at 2025-06-30T13:59:29.000Z ##

That's kind of a fun PrivEsc.

sev:CRIT 9.3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

The Debian zuluPolkit/CMakeLists.txt file for zuluCrypt through the zulucrypt_6.2.0-1 package has insecure PolicyKit allow_any/allow_inactive/allow_active settings that allow a local user to escalate their privileges to root.

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-24290
(9.9 CRITICAL)

EPSS: 0.03%

updated 2025-06-30T18:38:23.493000

3 posts

Multiple Authenticated SQL Injection vulnerabilities found in UISP Application (Version 2.4.206 and earlier) could allow a malicious actor with low privileges to escalate privileges.

cR0w at 2025-06-30T13:50:55.985Z ##

Fucking Ubiquiti showing they're the Tesla of networking yet again.

community.ui.com/releases/Secu

sev:CRIT 9.9 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Multiple Authenticated SQL Injection vulnerabilities found in UISP Application (Version 2.4.206 and earlier) could allow a malicious actor with low privileges to escalate privileges.

nvd.nist.gov/vuln/detail/CVE-2

##

offseq at 2025-06-30T00:01:06.054Z ##

🛡️ Critical vuln (CVE-2025-24290) in Ubiquiti UISP ≤2.4.206: Authenticated SQL injection lets low-priv users escalate to admin! Patch when available, restrict UI access, audit privileges. radar.offseq.com/threat/cve-20

##

cR0w@infosec.exchange at 2025-06-30T13:50:55.000Z ##

Fucking Ubiquiti showing they're the Tesla of networking yet again.

community.ui.com/releases/Secu

sev:CRIT 9.9 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Multiple Authenticated SQL Injection vulnerabilities found in UISP Application (Version 2.4.206 and earlier) could allow a malicious actor with low privileges to escalate privileges.

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-53091
(0 None)

EPSS: 0.07%

updated 2025-06-30T18:38:23.493000

1 posts

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Time-Based Blind SQL Injection vulnerability was discovered in version 3.3.3 the almox parameter of the `/controle/getProdutosPorAlmox.php` endpoint. This issue allows any unauthenticated attacker to inject arbitrary SQL queries, potentially leading to unauthorized data access or further expl

offseq@infosec.exchange at 2025-06-28T01:31:16.000Z ##

⚠️ CRITICAL: CVE-2025-53091 impacts WeGIA <=3.3.3. Unauth time-based blind SQLi in 'almox' param of /controle/getProdutosPorAlmox.php—easy remote exploit, data at risk! Patch to 3.4.0+ ASAP. radar.offseq.com/threat/cve-20 #OffSeq #SQLInjection #CVE202553091 #FOSS #CharitySecurity

##

DarkWebInformer at 2025-06-29T22:26:17.008Z ##

🚨CVE-2025-3248: RCE vulnerability in Langflow

Link: zoomeye.ai/searchResult?q=YXBw

ZoomEye Dork: app="Langflow"

Results: 1,862

Advisory: github.com/advisories/GHSA-rvq

PoC: github.com/ynsmroztas/CVE-2025

CVSS: 9.3

——————————

Follow @zoomeye_team's official Twitter/X account and send the message “Dark Web Informer” via DM to receive an extra 15-day membership. 💙

##

DarkWebInformer@infosec.exchange at 2025-06-29T22:26:17.000Z ##

🚨CVE-2025-3248: RCE vulnerability in Langflow

Link: zoomeye.ai/searchResult?q=YXBw

ZoomEye Dork: app="Langflow"

Results: 1,862

Advisory: github.com/advisories/GHSA-rvq

PoC: github.com/ynsmroztas/CVE-2025

CVSS: 9.3

——————————

Follow @zoomeye_team's official Twitter/X account and send the message “Dark Web Informer” via DM to receive an extra 15-day membership. 💙

##

CVE-2024-8419
(7.5 HIGH)

EPSS: 0.15%

updated 2025-06-30T12:30:52

1 posts

The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a fail-safe state over the network due to missing authentication.

CVE-2025-6899
(6.3 MEDIUM)

EPSS: 0.63%

updated 2025-06-30T09:30:35

2 posts

A vulnerability, which was classified as critical, was found in D-Link DI-7300G+ and DI-8200G 17.12.20A1/19.12.25A1. This affects an unknown part of the file msp_info.htm. The manipulation of the argument flag/cmd/iface leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-53415
(7.8 HIGH)

EPSS: 0.26%

updated 2025-06-30T09:30:35

1 posts

Delta Electronics DTM Soft Project File Parsing Deserialization of Untrusted Data Remote Code Execution

offseq at 2025-06-30T10:31:31.635Z ##

🔍 CVE-2025-53415: HIGH severity in Delta Electronics DTM Soft. Unsafe deserialization of project files enables RCE—no patch yet. Restrict access, block untrusted files, and segment networks! radar.offseq.com/threat/cve-20

##

CVE-2025-6898
(6.3 MEDIUM)

EPSS: 0.63%

updated 2025-06-30T09:30:30

2 posts

A vulnerability, which was classified as critical, has been found in D-Link DI-7300G+ 19.12.25A1. Affected by this issue is some unknown functionality of the file in proxy_client.asp. The manipulation of the argument proxy_srv/proxy_lanport/proxy_lanip/proxy_srvport leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6896
(6.3 MEDIUM)

EPSS: 0.63%

updated 2025-06-30T09:30:30

2 posts

A vulnerability classified as critical has been found in D-Link DI-7300G+ 19.12.25A1. Affected is an unknown function of the file wget_test.asp. The manipulation of the argument url leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6887
(8.8 HIGH)

EPSS: 0.09%

updated 2025-06-30T06:30:33

3 posts

A vulnerability was found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/SetSysTimeCfg. The manipulation of the argument time/timeZone leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

offseq at 2025-06-30T06:01:08.640Z ##

🚨 HIGH severity: CVE-2025-6887 in Tenda AC5 (15.03.06.47). Stack-based buffer overflow via /goform/SetSysTimeCfg—remote exploit code is public. No patch out yet. Urgent: Restrict access, disable remote mgmt, monitor for suspicious activity. radar.offseq.com/threat/cve-20

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6886
(8.8 HIGH)

EPSS: 0.09%

updated 2025-06-30T06:30:33

4 posts

A vulnerability has been found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

offseq at 2025-06-30T04:31:21.642Z ##

🚨 HIGH severity vuln: Tenda AC5 (15.03.06.47) stack buffer overflow in /goform/openSchedWifi (CVE-2025-6886). Remote exploit public. Restrict access & monitor for fixes! radar.offseq.com/threat/cve-20

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

offseq@infosec.exchange at 2025-06-30T04:31:21.000Z ##

🚨 HIGH severity vuln: Tenda AC5 (15.03.06.47) stack buffer overflow in /goform/openSchedWifi (CVE-2025-6886). Remote exploit public. Restrict access & monitor for fixes! radar.offseq.com/threat/cve-20 #OffSeq #Vuln #IoT #Tenda

##

CVE-2025-6019
(7.0 None)

EPSS: 0.02%

updated 2025-06-30T03:31:34

3 posts

A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-pr

3 repos

https://github.com/guinea-offensive-security/CVE-2025-6019

https://github.com/And-oss/CVE-2025-6019-exploit

https://github.com/neko205-mx/CVE-2025-6019_Exploit

technotenshi@infosec.exchange at 2025-06-23T20:52:54.000Z ##

Two new Linux flaws (CVE-2025-6018, CVE-2025-6019) allow local attackers to escalate to root via PAM misconfig and udisks. Exploits confirmed on Ubuntu, Fedora, Debian. Admins urged to patch immediately.

bleepingcomputer.com/news/linu

#Linux #LPE #Infosec #Vulnerability

##

jwildeboer@social.wildeboer.net at 2025-06-23T16:01:28.000Z ##

@mina Sure. But it doesn't explain why the dash is not allowed. my example is an official CVE. Which is CVE-YEAR-Number, example: CVE-2025-6019. It is NOT CVE_2025_6019. So why is underscore allowed in a hashtag but the dash isn't? @Gargron @evan

##

jwildeboer@social.wildeboer.net at 2025-06-23T12:26:57.000Z ##

Yo, fellow Linuxers, #CVE20256019 has been published and updates are available. The TL;DR. A Local Privilege Escalation to root via libblockdev. Notice the local. So you need to be able to be on the machine. Still, update now.

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-6882
(8.8 HIGH)

EPSS: 0.04%

updated 2025-06-30T03:30:39

3 posts

A vulnerability classified as critical has been found in D-Link DIR-513 1.0. This affects an unknown part of the file /goform/formSetWanPPTP. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the main

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

offseq at 2025-06-30T03:01:23.102Z ##

D-Link DIR-513 v1.0 hit by HIGH severity buffer overflow (CVE-2025-6882) in /goform/formSetWanPPTP. No patch—device EOL. Public exploit available! Replace or isolate immediately. radar.offseq.com/threat/cve-20

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6825
(8.8 HIGH)

EPSS: 0.14%

updated 2025-06-28T21:30:35

2 posts

A vulnerability classified as critical was found in TOTOLINK A702R up to 4.0.0-B20230721.1521. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlSiteSurvey of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be us

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-52570(CVSS UNKNOWN)

EPSS: 0.06%

updated 2025-06-27T23:08:47

2 posts

### Impact The connection limiter is implemented incorrectly. It allows an arbitrary amount of simultaneously incoming connections (TCP, UDP and Unix socket) for the services `letmeind` and `letmeinfwd`. Therefore, the command line option `num-connections` is not effective and does not limit the number of simultaneously incoming connections. `letmeind` is the public network facing daemon (TCP/UD

cR0w at 2025-06-30T19:57:34.057Z ##

Wait, we're still doing port knocking? I thought that was a lost art that got snuffed out by the "obscurity does not provide security" nerds.

github.com/mbuesch/letmein/sec

Letmein is an authenticating port knocker. Prior to version 10.2.1, The connection limiter is implemented incorrectly. It allows an arbitrary amount of simultaneously incoming connections (TCP, UDP and Unix socket) for the services letmeind and letmeinfwd. Therefore, the command line option num-connections is not effective and does not limit the number of simultaneously incoming connections. This issue has been patched in version 10.2.1.

nvd.nist.gov/vuln/detail/CVE-2

##

cR0w@infosec.exchange at 2025-06-30T19:57:34.000Z ##

Wait, we're still doing port knocking? I thought that was a lost art that got snuffed out by the "obscurity does not provide security" nerds.

github.com/mbuesch/letmein/sec

Letmein is an authenticating port knocker. Prior to version 10.2.1, The connection limiter is implemented incorrectly. It allows an arbitrary amount of simultaneously incoming connections (TCP, UDP and Unix socket) for the services letmeind and letmeinfwd. Therefore, the command line option num-connections is not effective and does not limit the number of simultaneously incoming connections. This issue has been patched in version 10.2.1.

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-6620
(6.3 MEDIUM)

EPSS: 1.94%

updated 2025-06-27T18:31:47

2 posts

A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been rated as critical. Affected by this issue is the function setUpgradeUboot of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6618
(6.3 MEDIUM)

EPSS: 1.94%

updated 2025-06-27T18:31:47

2 posts

A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been classified as critical. Affected is the function SetWLanApcliSettings of the file wps.so. The manipulation of the argument PIN leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6619
(6.3 MEDIUM)

EPSS: 1.94%

updated 2025-06-27T18:31:47

2 posts

A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. Affected by this vulnerability is the function setUpgradeFW of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6621
(6.3 MEDIUM)

EPSS: 1.94%

updated 2025-06-27T18:31:47

2 posts

A vulnerability classified as critical has been found in TOTOLINK CA300-PoE 6.2c.884. This affects the function QuickSetting of the file ap.so. The manipulation of the argument hour/minute leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-49853
(9.1 CRITICAL)

EPSS: 0.05%

updated 2025-06-27T18:31:47

1 posts

ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to SQL injections which could allow an attacker to leak arbitrary information and insert arbitrary SQL syntax into SQL queries.

beyondmachines1@infosec.exchange at 2025-06-25T11:01:37.000Z ##

Multiple vulnerabilities reported in ControlID iDSecure vehicle access control systems

ControlID has patched three critical vulnerabilities in its iDSecure On-Premises access control software, including a SQL injection flaw (CVE-2025-49853) and authentication bypass (CVE-2025-49851) that could allow attackers to gain unauthorized access to physical facilities and manipulate vehicle access systems.

**If you use ControlID iDSecure On-Premises access control software, check if it's accessible from the internet. If it is, make sure it's isolated from the internet and accessible only from trusted networks as much as possible Then plan a quick update to version 4.7.50.0. This system controls physical access to your facilities, so breaching it may get criminals access to your premises.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-6522
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-06-27T18:30:51

2 posts

Unauthenticated users on an adjacent network with the Sight Bulb Pro can run shell commands as root through a vulnerable proprietary TCP protocol available on Port 16668. This vulnerability allows an attacker to run arbitrary commands on the Sight Bulb Pro by passing a well formed JSON string.

cR0w at 2025-06-30T14:10:07.291Z ##

Internet. Of. Shit.

Unauthenticated users on an adjacent network with the Sight Bulb Pro can run shell commands as root through a vulnerable proprietary TCP protocol available on Port 16668. This vulnerability allows an attacker to run arbitrary commands on the Sight Bulb Pro by passing a well formed JSON string.

nvd.nist.gov/vuln/detail/CVE-2

##

cR0w@infosec.exchange at 2025-06-30T14:10:07.000Z ##

Internet. Of. Shit.

Unauthenticated users on an adjacent network with the Sight Bulb Pro can run shell commands as root through a vulnerable proprietary TCP protocol available on Port 16668. This vulnerability allows an attacker to run arbitrary commands on the Sight Bulb Pro by passing a well formed JSON string.

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-6568
(8.8 HIGH)

EPSS: 0.17%

updated 2025-06-27T18:30:43

2 posts

A vulnerability classified as critical has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2024-51978
(9.8 CRITICAL)

EPSS: 2.05%

updated 2025-06-27T15:32:26

5 posts

An unauthenticated attacker who knows the target device's serial number, can generate the default administrator password for the device. An unauthenticated attacker can first discover the target device's serial number via CVE-2024-51977 over HTTP/HTTPS/IPP, or via a PJL request, or via an SNMP request.

Nuclei template

1 repos

https://github.com/sfewer-r7/BrotherVulnerabilities

LMGsecurity at 2025-06-30T13:40:58.574Z ##

More information on printer security, since they are often a cybersecurity blind spot!

Last week, we shared a warning about the unpatchable Brother printer vulnerability (CVE-2024-51978) that puts millions of devices at risk. If you haven’t updated your default admin passwords, do it now.

Since there was a lot of interest in this topic, we're sharing our classic, but still very relevant, on-demand webinar, "How I met your printer": youtu.be/b6d6RO2AFgw

@tompohl shares real-world techniques attackers use to exploit printers for initial access and lateral movement—exactly what we see in our penetration tests all the time.

If you haven’t tested your print infrastructure, now’s the time. Need help? Our pentest team can assess your network and highlight hidden vulnerabilities.


##

LMGsecurity@infosec.exchange at 2025-06-30T13:40:58.000Z ##

More information on printer security, since they are often a cybersecurity blind spot!

Last week, we shared a warning about the unpatchable Brother printer vulnerability (CVE-2024-51978) that puts millions of devices at risk. If you haven’t updated your default admin passwords, do it now.

Since there was a lot of interest in this topic, we're sharing our classic, but still very relevant, on-demand webinar, "How I met your printer": youtu.be/b6d6RO2AFgw

@tompohl shares real-world techniques attackers use to exploit printers for initial access and lateral movement—exactly what we see in our penetration tests all the time.

If you haven’t tested your print infrastructure, now’s the time. Need help? Our pentest team can assess your network and highlight hidden vulnerabilities.

#Cybersecurity #CISO #PrinterSecurity #PenetrationTesting #LMGSecurity #NetworkSecurity #Infosec #ITsecurity
#penetrationtesting #pentest #pentesting

##

LMGsecurity@infosec.exchange at 2025-06-27T13:45:41.000Z ##

Hundreds of Brother printer models are affected by a critical, unpatchable vulnerability (CVE-2024-51978) that allows attackers to generate the default admin password using the device’s serial number—information that’s easily discoverable via other flaws.

748 total models across Brother, Fujifilm, Ricoh, Toshiba, and Konica Minolta are impacted, with millions of devices at risk globally.

Attackers can:
• Gain unauthenticated admin access
• Pivot to full remote code execution
• Exfiltrate credentials for LDAP, FTP, and more
• Move laterally through your network

Brother says the vulnerability cannot be fixed in firmware and requires a change in manufacturing. For now, mitigation = change the default admin password immediately.

Our pentest team regularly highlights printer security as a critical path to system compromise—and today’s news is another example that underscores this risk. This is your reminder: Printers are not “set-and-forget” devices. Treat them like any other endpoint—monitor, patch, and lock them down.

Need help testing your network for exploitable print devices? Contact us and our pentest team can help!

Read the Dark Reading article for more details on the Brother Printers vulnerability: darkreading.com/endpoint-secur

#CyberSecurity #PenetrationTesting #Pentest #Pentesting #PrinterSecurity #BrotherPrinters #CVE202451978 #Infosec #IT #SMB #CISO #Cyberaware #DFIR #ITSecurity #ZeroTrust #PatchNow #Pentest

##

jbhall56@infosec.exchange at 2025-06-26T12:43:55.000Z ##

Although seven of the eight flaws can be patched, the aforementioned vulnerability, CVE-2024-51978, cannot. darkreading.com/endpoint-secur

##

beyondmachines1@infosec.exchange at 2025-06-26T10:01:37.000Z ##

Vulnerabilities reported in Brother printers and other vendors, at least one critical

Brother Industries and four other major printer manufacturers have disclosed eight security vulnerabilities affecting 748 models of multifunction printers, including a critical authentication bypass flaw (CVE-2024-51978) that allows unauthenticated attackers to generate default administrator passwords using a predictable algorithm and cannot be fully patched through firmware updates.

**If you have Brother printers (or multifunction devices from FUJIFILM, Ricoh, Toshiba Tec, or Konica Minolta), immediately change all default administrator passwords since they probably have a flaw that allows attackers to generate these passwords and can't be fully patched. Alsom, make sure the printer are not accessible from the internet. Then apply the latest firmware updates to fix the other flaws.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-6705(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-06-27T15:31:41

2 posts

On open-vsx.org http://open-vsx.org/  it was possible to run an arbitrary build scripts for auto-published extensions because of missing sandboxing of CI job runs. An attacker who had access to an existing extension could take over the service account of the marketplace. The issue has been fixed on June 24th, 2025 and the vulnerable code present in the publish-extension code repository.

beyondmachines1 at 2025-06-30T10:01:20.913Z ##

Researchers report flaw in Open VSX Registry that can compromise VS Code extensions marketplace

Cybersecurity researchers disclosed a critical vulnerability (CVE-2025-6705) in the Open VSX Registry that could have allowed attackers to gain complete control over the Visual Studio Code extensions marketplace by exploiting the automated publishing mechanism to steal high-privilege tokens and distribute malicious updates to millions of developer environments. The Eclipse Foundation patched the vulnerability on June 25, 2025.

**When designing your CI/CD system, review what code will it run and whether it will expose your API keys and other secrets to untrusted third party code that may be malicious. If your CI/CD will run such code, consider levels of isolation or use API keys that are for that session only with limited permissions. Yes, this is very difficult, but it's part of the complexity of running any code from anyone.**

beyondmachines.net/event_detai

##

beyondmachines1@infosec.exchange at 2025-06-30T10:01:20.000Z ##

Researchers report flaw in Open VSX Registry that can compromise VS Code extensions marketplace

Cybersecurity researchers disclosed a critical vulnerability (CVE-2025-6705) in the Open VSX Registry that could have allowed attackers to gain complete control over the Visual Studio Code extensions marketplace by exploiting the automated publishing mechanism to steal high-privilege tokens and distribute malicious updates to millions of developer environments. The Eclipse Foundation patched the vulnerability on June 25, 2025.

**When designing your CI/CD system, review what code will it run and whether it will expose your API keys and other secrets to untrusted third party code that may be malicious. If your CI/CD will run such code, consider levels of isolation or use API keys that are for that session only with limited permissions. Yes, this is very difficult, but it's part of the complexity of running any code from anyone.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2024-54085
(9.8 CRITICAL)

EPSS: 9.47%

updated 2025-06-27T12:32:19

3 posts

AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.

1 repos

https://github.com/Mr-Zapi/CVE-2024-54085

beyondmachines1@infosec.exchange at 2025-06-27T09:01:25.000Z ##

CISA warns that AMI MegaRAC Vulnerability that enables server takeover is actively exploited

CISA has reported active exploitation of a maximum-severity vulnerability (CVE-2024-54085, CVSS 10.0) in AMI's MegaRAC Baseboard Management Controller software that allows unauthenticated remote attackers to completely hijack servers, deploy ransomware, and potentially cause irreversible hardware damage through malicious firmware manipulation.

**Check your servers NOW. If any of them use AMI's MegaRAC Baseboard Management Controller, make sure that the BMC is isolated in a separate network segment and only accessible only from internal trusted systems. Reach out to your server vendor for a patch, and plan a patch period. Don't ignore this one, since hackers are already exploiting this flaw.**
#cybersecurity #infosec #advisory #ransomware
beyondmachines.net/event_detai

##

AAKL@infosec.exchange at 2025-06-25T17:03:57.000Z ##

New.

CISA has added to the KEV catalogue. The usual suspects are back.

- CVE-2024-54085: AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability cve.org/CVERecord?id=CVE-2024-

- CVE-2024-0769: D-Link DIR-859 Router Path Traversal Vulnerability cve.org/CVERecord?id=CVE-2024-

- CVE-2019-6693: Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability cve.org/CVERecord?id=CVE-2019- #cybersecurity #CISA #infosec

##

cisakevtracker@mastodon.social at 2025-06-25T17:01:22.000Z ##

CVE ID: CVE-2024-54085
Vendor: AMI
Product: MegaRAC SPx
Date Added: 2025-06-25
Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: go.ami.com/hubfs/Security%20Ad ; security.netapp.com/advisory/n ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-6751
(8.8 HIGH)

EPSS: 0.08%

updated 2025-06-27T06:31:22

2 posts

A vulnerability, which was classified as critical, was found in Linksys E8450 up to 1.2.00.360516. This affects the function set_device_language of the file portal.cgi of the component HTTP POST Request Handler. The manipulation of the argument dut_language leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The ve

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6752
(8.8 HIGH)

EPSS: 0.08%

updated 2025-06-27T06:31:22

2 posts

A vulnerability has been found in Linksys WRT1900ACS, EA7200, EA7450 and EA7500 up to 20250619 and classified as critical. This vulnerability affects the function SetDefaultConnectionService of the file /upnp/control/Layer3Forwarding of the component IGD. The manipulation of the argument NewDefaultConnectionService leads to stack-based buffer overflow. The attack can be initiated remotely. The exp

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-47821
(2.2 LOW)

EPSS: 0.01%

updated 2025-06-27T03:30:47

2 posts

Flock Safety Gunshot Detection devices before 1.3 have a hardcoded password for a system.

CVE-2025-47822
(6.4 MEDIUM)

EPSS: 0.02%

updated 2025-06-27T03:30:47

2 posts

Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have an on-chip debug interface with improper access control.

CVE-2025-47819
(6.4 MEDIUM)

EPSS: 0.02%

updated 2025-06-27T03:30:47

2 posts

Flock Safety Gunshot Detection devices before 1.3 have an on-chip debug interface with improper access control.

CVE-2025-47818
(2.2 LOW)

EPSS: 0.01%

updated 2025-06-27T03:30:41

2 posts

Flock Safety Gunshot Detection devices before 1.3 have a hard-coded password for a connection.

CVE-2025-6734
(8.8 HIGH)

EPSS: 0.04%

updated 2025-06-27T00:32:15

2 posts

A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been rated as critical. This issue affects the function sub_484E40 of the file /goform/formP2PLimitConfig of the component API. The manipulation of the argument except leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early abou

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6732
(8.8 HIGH)

EPSS: 0.04%

updated 2025-06-27T00:32:15

2 posts

A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been classified as critical. This affects the function strcpy of the file /goform/setSysAdm of the component API. The manipulation of the argument passwd1 leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about t

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6561
(9.8 CRITICAL)

EPSS: 0.08%

updated 2025-06-26T21:31:28

1 posts

Certain hybrid DVR models ((HBF-09KD and HBF-16NK)) from Hunt Electronic have an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to directly access a system configuration file and obtain plaintext administrator credentials.

beyondmachines1@infosec.exchange at 2025-06-28T17:01:25.000Z ##

Critical flaw reported in Hunt Electronics DVR Systems exposes plaintext admin credentials

A critical vulnerability (CVE-2025-6561) in Hunt Electronics' hybrid DVR systems allows unauthenticated attackers to retrieve administrator credentials stored in plaintext through simple HTTP requests.

**If you use Hunt Electronics HBF-09KD or HBF-16NK DVR systems, make sure they are isolated from the internet. Then immediately update to firmware V3.1.70_1806 BB50604 since this flaw exposes administrator passwords in plaintext. After patching, change all administrator passwords since they may have already been compromised.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-6627
(8.8 HIGH)

EPSS: 0.14%

updated 2025-06-26T21:31:22

2 posts

A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6616
(8.8 HIGH)

EPSS: 0.08%

updated 2025-06-26T21:31:21

2 posts

A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. This vulnerability affects the function formSetWAN_Wizard51 of the file /goform/formSetWAN_Wizard51. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects pr

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-36038
(9.1 CRITICAL)

EPSS: 0.19%

updated 2025-06-26T21:31:21

3 posts

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects.

cR0w at 2025-06-30T20:09:20.386Z ##

Oof.

ibm.com/support/pages/node/723

sev:CRIT 9.0 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects.

nvd.nist.gov/vuln/detail/CVE-2

##

undercodenews@mastodon.social at 2025-06-30T11:53:35.000Z ##

Critical IBM WebSphere Flaw Opens Door to Remote Code Execution: Patch Urgently

Exploiting Enterprise Middleware: A Growing Security Crisis A major cybersecurity warning has just emerged surrounding IBM WebSphere Application Server. A critical vulnerability identified as CVE-2025-36038 is putting enterprise environments at extreme risk. Rated a 9.0 on the CVSS scale, this deserialization flaw allows unauthenticated attackers to execute arbitrary code…

undercodenews.com/critical-ibm

##

cR0w@infosec.exchange at 2025-06-30T20:09:20.000Z ##

Oof.

ibm.com/support/pages/node/723

sev:CRIT 9.0 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects.

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-6617
(8.8 HIGH)

EPSS: 0.08%

updated 2025-06-26T21:31:20

2 posts

A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as critical. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6614
(8.8 HIGH)

EPSS: 0.08%

updated 2025-06-26T21:31:20

2 posts

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetWANType_Wizard5 of the file /goform/formSetWANType_Wizard5. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability onl

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-20281
(9.8 CRITICAL)

EPSS: 0.11%

updated 2025-06-26T21:31:20

7 posts

A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitti

1 repos

https://github.com/abrewer251/CVE-2025-20281-2-Citrix-ISE-RCE

DarkWebInformer at 2025-06-30T19:10:23.293Z ##

🚨CVE-2025-20281 & CVE-2025-20282: Unauthenticated RCE Vulnerabilities in Cisco ISE and ISE-PIC

• CVSS: 10
• ZoomEye Dork: app="Cisco ISE"
• Results: 1,937
• Advisory:
github.com/advisories/GHSA-rc4f-42xm-hvjwgithub.com/advisories/GHSA-w8p2-wjjr-hr24

• PoC: github.com/abrewer251/CVE-2025-20281-2-Citrix-ISE-RCE

• ZoomEye Search: zoomeye.ai/searchResult?q=YXBwPSJDaXNjbyBJU0Ui

—————

Follow @zoomeye_team's official Twitter/X account and send the message “Dark Web Informer” via DM to receive an extra 15-day membership. 💙

##

DarkWebInformer@infosec.exchange at 2025-06-30T19:10:23.000Z ##

🚨CVE-2025-20281 & CVE-2025-20282: Unauthenticated RCE Vulnerabilities in Cisco ISE and ISE-PIC

• CVSS: 10
• ZoomEye Dork: app="Cisco ISE"
• Results: 1,937
• Advisory:
github.com/advisories/GHSA-rc4f-42xm-hvjwgithub.com/advisories/GHSA-w8p2-wjjr-hr24

• PoC: github.com/abrewer251/CVE-2025-20281-2-Citrix-ISE-RCE

• ZoomEye Search: zoomeye.ai/searchResult?q=YXBwPSJDaXNjbyBJU0Ui

—————

Follow @zoomeye_team's official Twitter/X account and send the message “Dark Web Informer” via DM to receive an extra 15-day membership. 💙

##

jos1264@social.skynetcloud.site at 2025-06-27T23:25:03.000Z ##

CVE-2025-20281 and CVE-2025-20282 Vulnerabilities: Critical RCE Flaws in Cisco ISE and ISE-PIC Enable Root Access – Source: socprime.com ciso2ciso.com/cve-2025-20281-a #rssfeedpostgeneratorecho #CyberSecurityNews #CVE-2025-20281 #CVE-2025-20282 #Latestthreats #Vulnerability #socprimecom #socprime #Blog #CVE #rce

##

DarkWebInformer@infosec.exchange at 2025-06-26T15:28:46.000Z ##

🚨Critical Cisco ISE Vulnerabilities, CVE-2025-20281 & CVE-2025-20282

Two unauthenticated RCE flaws have been disclosed in Cisco ISE and ISE-PIC, allowing remote attackers to execute commands as root without credentials.

CVE-2025-20281
• Affects: ISE 3.3 & 3.4
• Flaw: Improper input validation in external API
• CVSS: 9.8

CVE-2025-20282
• Affects: ISE 3.4
• Flaw: Internal API permits privileged file uploads
• CVSS: 10.0 (Critical)

Full advisory:
cisco.com/c/en/us/support/docs

CVE-2025-20281:
cvedetails.com/cve/CVE-2025-20

CVE-2025-20282:
cvedetails.com/cve/CVE-2025-20

##

AAKL@infosec.exchange at 2025-06-26T13:55:09.000Z ##

Cisco posted these yesterday.

- Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities - CVE-2025-20281 and
CVE-2025-20282 (critical) sec.cloudapps.cisco.com/securi

- Cisco Identity Services Engine Authorization Bypass Vulnerability - CVE-2025-20264 sec.cloudapps.cisco.com/securi @TalosSecurity #cybersecurity #infosec #Cisco

##

jbhall56@infosec.exchange at 2025-06-26T12:42:17.000Z ##

Exploitable without authentication, the two flaws are tracked as CVE-2025-20281 and CVE-2025-20282 and have the maximum severity score of 10/10. Both impact specific APIs within the affected products. securityweek.com/critical-cisc

##

beyondmachines1@infosec.exchange at 2025-06-26T09:01:38.000Z ##

Cisco reports perfect 10 critical remote code execution flaws in Identity Services Engine (ISE)

Cisco has issued an emergency advisory for two maximum-severity vulnerabilities (CVE-2025-20281 and CVE-2025-20282) in its Identity Services Engine (ISE) platforms that allow unauthenticated remote attackers to execute arbitrary code with root privileges through API input validation flaws and malicious file uploads. Organizations are urged to immediately apply the available patches as no workarounds exist to mitigate the flaws.

**This one is very important. If you are using Cisco Identity Services Engine (ISE), drop everything and start planning a patch ASAP. ISE usually controls network access to a lot of the infrastructure, so you don't want it to be hacked. And hackers will quickly start abusing these flaws.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-6543(CVSS UNKNOWN)

EPSS: 0.06%

updated 2025-06-26T21:31:20

16 posts

Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

2 repos

https://github.com/grupooruss/Citrix-cve-2025-6543

https://github.com/seabed-atavism/CVE-2025-6543

cisakevtracker@mastodon.social at 2025-06-30T18:00:49.000Z ##

CVE ID: CVE-2025-6543
Vendor: Citrix
Product: NetScaler ADC and Gateway
Date Added: 2025-06-30
Notes: support.citrix.com/support-hom ; netscaler.com/blog/news/netsca ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

hrbrmstr@mastodon.social at 2025-06-30T17:52:46.000Z ##

CVE-2025-6543 (citrix 🩸) hit KEV. that means confirmed exploitation with receipts. will wash dishes for payloads. bob [@] greynoise [.] io (some mastodon clients really bork email addresses) if you have'm.

##

hrbrmstr.dev@bsky.brid.gy at 2025-06-30T17:52:45.281Z ##

CVE-2025-6543 (citrix 🩸) hit KEV. that means confirmed exploitation with receipts. will wash dishes for payloads. bob [@] greynoise [.] io (some mastodon clients really bork email addresses) if you have'm.

##

cisakevtracker@mastodon.social at 2025-06-30T18:00:49.000Z ##

CVE ID: CVE-2025-6543
Vendor: Citrix
Product: NetScaler ADC and Gateway
Date Added: 2025-06-30
Notes: support.citrix.com/support-hom ; netscaler.com/blog/news/netsca ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

hrbrmstr@mastodon.social at 2025-06-30T17:52:46.000Z ##

CVE-2025-6543 (citrix 🩸) hit KEV. that means confirmed exploitation with receipts. will wash dishes for payloads. bob [@] greynoise [.] io (some mastodon clients really bork email addresses) if you have'm.

##

jos1264@social.skynetcloud.site at 2025-06-29T05:30:02.000Z ##

CVE-2025-5777, CVE-2025-6543: Frequently Asked Questions About CitrixBleed 2 and Citrix NetScaler Exploitation – Source: securityboulevard.com ciso2ciso.com/cve-2025-5777-cv #rssfeedpostgeneratorecho #SecurityBloggersNetwork #CyberSecurityNews #SecurityBoulevard

##

nopatience@swecyb.com at 2025-06-28T20:17:24.000Z ##

I love how statements like:

"Currently, there is no evidence to suggest exploitation of CVE-2025-5777."

... is NOT comforting at all. It pretty much sounds just like... "we found NO vulnerabilities in our LLM-generated application".

... and how on earth would Netscaler see targeted exploitation? Exactly... Netscaler wouldn't, you might however with appropriate monitoring.

netscaler.com/blog/news/netsca

#CitrixBleed2 #CVE_2025_5777 #Cybersecurity

##

patrickcmiller@infosec.exchange at 2025-06-28T05:12:17.000Z ##

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC thehackernews.com/2025/06/citr

##

jbhall56@infosec.exchange at 2025-06-26T12:41:06.000Z ##

This new critical vulnerability, tracked as CVE-2025-6543, received a 9.2 severity score. It's a memory overflow vulnerability that can lead to unintended control flow and denial of service. theregister.com/2025/06/25/cit

##

LCSC_IE@infosec.exchange at 2025-06-26T11:19:41.000Z ##

🟥𝐋𝐂𝐒𝐂-𝐈𝐄 𝐃𝐚𝐢𝐥𝐲 𝐂𝐲𝐛𝐞𝐫 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐎𝐒𝐈𝐍𝐓 𝐒𝐡𝐚𝐫𝐞-𝟐𝟔 𝐉𝐮𝐧𝐞 𝟐𝟎𝟐𝟓🟥

𝐍𝐞𝐰𝐬:

1. Majority of Irish companies are not minimising risk of cyber attacks, according to new survey

independent.ie/business/techno

2. First-ever cyber insurance premium decline recorded last year

cybersecuritydive.com/news/cyb

3. Hackers breach Norwegian dam, open valve at full capacity

risky.biz/risky-bulletin-hacke

energiteknikk.net/2025/06/hack

4. Qilin ransomware attack on UK NHS supplier contributed to patient fatality

theregister.com/2025/06/26/qil

5. UK SMEs face rise in cyber attacks with average cost GBP £7,960

securitybrief.co.uk/story/uk-s

6. Reasons Why 2 Million SMEs Have No Cybersecurity Training

cybermagazine.com/news/bt-data

7. Insurance Europe calls for streamlining EU cybersecurity regulations

reinsurancene.ws/insurance-eur

8. France issues press statement about arrest of ShinyHunters members

databreaches.net/2025/06/25/fr

9. Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

support.citrix.com/support-hom

---

𝐆𝐥𝐨𝐛𝐚𝐥 𝐁𝐫𝐞𝐚𝐜𝐡 𝐍𝐞𝐰𝐬 𝐚𝐧𝐝 𝐃𝐚𝐭𝐚 𝐋𝐞𝐚𝐤𝐬:

1. Glasgow City Council impacted by cyber incident

glasgow.gov.uk/serviceimpact

2. Alliedbankers Insurance Corporation Allegedly Hit by Massive 80GB Data Breach

dailydarkweb.net/alliedbankers

---

𝐓𝐚𝐜𝐭𝐢𝐜𝐚𝐥 𝐑𝐞𝐩𝐨𝐫𝐭𝐬 𝐰𝐢𝐭𝐡 𝐈𝐎𝐂𝐬:

1. Iranian Educated Manticore Targets Leading Tech Academics

research.checkpoint.com/2025/i

2. In the Wild: Malware Prototype with Embedded Prompt Injection

research.checkpoint.com/2025/a

3. Patch and Persist: Darktrace’s Detection of Blind Eagle (APT-C-36)

darktrace.com/blog/patch-and-p

4. ODYSSEY STEALER : THE REBRAND OF POSEIDON STEALER

cyfirma.com/research/odyssey-s

5. Prolific Phishing Campaign Leveraging Zoom's Infrastructure

blog.reconinfosec.com/zoom-eve

6. Hive0154 aka Mustang Panda shifts focus on Tibetan community to deploy Pubload backdoor

ibm.com/think/x-force/hive0154

7. Gh0st RAT – Active IOCs

rewterz.com/threat-advisory/gh

---

𝐓𝐡𝐫𝐞𝐚𝐭 𝐇𝐮𝐧𝐭𝐢𝐧𝐠 / 𝐃𝐅𝐈𝐑 / 𝐌𝐚𝐥𝐰𝐚𝐫𝐞:

1. Microsoft Entra ID OAuth Phishing and Detections

elastic.co/security-labs/entra

2. Cybersecurity Stop of the Month: Adversary-in-the-Middle Attacks that Target Microsoft 365

proofpoint.com/uk/blog/email-a

3. OSINT Guide Pt 2: Using Telethon + Python to scrape Telegram Data

medium.com/@hacktheplanet/osin

4. Top 3 Cyber Attacks in June 2025: GitHub Abuse, Control Flow Flattening, and More

any.run/cybersecurity-blog/cyb

5. The Case of Hidden Spam Pages

blog.sucuri.net/2025/06/the-ca

6. Untrustworthy Trust Builders: Account Operators Replicating Trust Attack (AORTA)

specterops.io/blog/2025/06/25/

7. New BRAODO Stealer Campaign Abuses GitHub To Host Payloads And Evade Detection

cybersecuritynews.com/new-brao

8. Setup for Maldev on android

medium.com/@lord_murak/setup-f

9. Anomaly Detection in .onion Traffic Using Machine Learning

medium.com/@sreyashyjash/anoma

---

𝐋𝐢𝐠𝐡𝐭 𝐑𝐞𝐚𝐝𝐢𝐧𝐠:

1. How Foreign Scammers Use U.S. Banks to Fleece Americans

propublica.org/article/pig-but

2. Threat Brief: Escalation of Cyber Risk Related to Iran

unit42.paloaltonetworks.com/ir

3. A brief overview of the main incidents in industrial cybersecurity. Q1 2025

ics-cert.kaspersky.com/publica

4. China Cyber Espionage Against Russia Is Telling About Adversary Partnerships

oodaloop.com/analysis/ooda-ori

5. Charming Kitten APT Tries Spying on Israeli Cybersecurity Experts

darkreading.com/threat-intelli

6. Cybercriminal abuse of large language models

blog.talosintelligence.com/cyb

---

##

beyondmachines1@infosec.exchange at 2025-06-26T08:01:37.000Z ##

Citrix releases emergency patches for actively exploited vulnerability in NetScaler Products

Citrix has patched a critical actively exploited vulnerability (CVE-2025-6543) in NetScaler ADC and Gateway products that security experts suspect enables code execution despite being characterized as denial-of-service. Citrix has also patched two other critical flaws including one compared to the infamous 2023 CitrixBleed vulnerability. Organizations are urged to immediately patch affected systems and terminate all active sessions.

**This is now important and URGENT. Your Citrix NetScaler ADC or Gateway, exposed on the internet, they are actively attacked and exploited. Also, there seems to be some indisclosed severity in the three latest critical flaws and possibility of a repeat of the CitrixBleed incident from 2023. Immediately update to the latest patched versions (14.1-47.46, 13.1-59.19, or 13.1-37.236-FIPS). After patching, you must also terminate all active ICA and PCoIP sessions to prevent attackers from using stolen session tokens. If you have end-of-life devices, shut them down NOW - they will be hacked.**
#cybersecurity #infosec #attack #activeattack
beyondmachines.net/event_detai

##

jos1264@social.skynetcloud.site at 2025-06-25T23:50:03.000Z ##

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC – Source:thehackernews.com ciso2ciso.com/citrix-releases- #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #Citrix

##

oversecurity@mastodon.social at 2025-06-25T17:50:09.000Z ##

Citrix warns of NetScaler vulnerability exploited in DoS attacks

Citrix is warning that a vulnerability in NetScaler appliances tracked as CVE-2025-6543 is being actively exploited in the wild, causing devices to...

🔗️ [Bleepingcomputer] link.is.it/c9w2Q9

##

jos1264@social.skynetcloud.site at 2025-06-25T17:20:02.000Z ##

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC thehackernews.com/2025/06/citr

##

DarkWebInformer@infosec.exchange at 2025-06-25T15:51:54.000Z ##

🚨Security Advisory: Citrix NetScaler ADC / Gateway – CVE‑2025‑6543

darkwebinformer.com/security-a

##

AAKL@infosec.exchange at 2025-06-25T14:58:54.000Z ##

New:

Citrix: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-6543 support.citrix.com/support-hom

More:

The Hacker News: Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC thehackernews.com/2025/06/citr @thehackernews #cybersecurity #Infosec

##

CVE-2025-32977
(9.7 CRITICAL)

EPSS: 0.02%

updated 2025-06-26T21:31:13

2 posts

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) allows unauthenticated users to upload backup files to the system. While signature validation is implemented, weaknesses in the validation process can be exploited to upload malicious backup content that could co

CVE-2025-32978
(7.5 HIGH)

EPSS: 0.06%

updated 2025-06-26T21:31:13

2 posts

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) allows unauthenticated users to replace system licenses through a web interface intended for license renewal. Attackers can exploit this to replace valid licenses with expired or trial licenses, causing denial of

CVE-2025-23264
(7.8 HIGH)

EPSS: 0.02%

updated 2025-06-26T21:31:13

1 posts

NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacker may cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability may lead to Code Execution, Escalation of Privileges, Information Disclosure and Data Tampering.

AAKL@infosec.exchange at 2025-06-25T15:38:06.000Z ##

Nvidia updates, from yesterday.

- Security Bulletin: NVIDIA AIStore on Kubernetes - June 2025, affecting CVE-2025-23260 nvidia.custhelp.com/app/answer

This affects CVE-2025-23264 and CVE-2025-23265: NVIDIA Megatron LM - June 2025 nvidia.custhelp.com/app/answer #cybersecurity #Infoec #Nvidia

##

CVE-2025-23265
(7.8 HIGH)

EPSS: 0.02%

updated 2025-06-26T21:31:13

1 posts

NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacker may cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability may lead to Code Execution, Escalation of Privileges, Information Disclosure and Data Tampering.

AAKL@infosec.exchange at 2025-06-25T15:38:06.000Z ##

Nvidia updates, from yesterday.

- Security Bulletin: NVIDIA AIStore on Kubernetes - June 2025, affecting CVE-2025-23260 nvidia.custhelp.com/app/answer

This affects CVE-2025-23264 and CVE-2025-23265: NVIDIA Megatron LM - June 2025 nvidia.custhelp.com/app/answer #cybersecurity #Infoec #Nvidia

##

CVE-2025-49151
(9.1 CRITICAL)

EPSS: 0.09%

updated 2025-06-26T21:31:13

1 posts

MICROSENS NMP Web+ could allow an unauthenticated attacker to generate forged JSON Web Tokens (JWT) to bypass authentication.

beyondmachines1@infosec.exchange at 2025-06-25T10:01:37.000Z ##

Multiple critical flaws reported in MICROSENS NMP Web+ Network Management Platform

MICROSENS has patched three critical vulnerabilities in its NMP Web+ network management platform, including authentication bypass through hard-coded JWT constants (CVE-2025-49151) and path traversal enabling arbitrary code execution (CVE-2025-49153). The company urges immediate updates to version 3.3.0 for all installations running version 3.2.5 or earlier.

**If you use MICROSENS NMP Web+ network management platform, make sure it's isolated from the internet and accessible only fron trusted networks. Then plan a quick update to version 3.3.0 to patch, because these flaws are fairly trivial to abuse.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-20264
(6.4 MEDIUM)

EPSS: 0.05%

updated 2025-06-26T21:31:12

1 posts

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms for users created by SAML SSO integration with an external identity provider. An attacker could exploi

AAKL@infosec.exchange at 2025-06-26T13:55:09.000Z ##

Cisco posted these yesterday.

- Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities - CVE-2025-20281 and
CVE-2025-20282 (critical) sec.cloudapps.cisco.com/securi

- Cisco Identity Services Engine Authorization Bypass Vulnerability - CVE-2025-20264 sec.cloudapps.cisco.com/securi @TalosSecurity #cybersecurity #infosec #Cisco

##

CVE-2025-6565
(8.8 HIGH)

EPSS: 0.19%

updated 2025-06-26T21:31:09

2 posts

A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function http_d of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-32976
(8.8 HIGH)

EPSS: 0.10%

updated 2025-06-26T21:31:09

2 posts

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains a logic flaw in its two-factor authentication implementation that allows authenticated users to bypass TOTP-based 2FA requirements. The vulnerability exists in the 2FA validation process and can be explo

CVE-2025-48469
(9.7 CRITICAL)

EPSS: 0.04%

updated 2025-06-26T21:31:08

2 posts

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload firmware through a public update page, potentially leading to backdoor installation or privilege escalation.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6559
(9.8 CRITICAL)

EPSS: 0.62%

updated 2025-06-26T21:31:08

2 posts

Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. The affected models are out of support; replacing the device is recommended.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6560
(9.8 CRITICAL)

EPSS: 0.11%

updated 2025-06-26T21:31:08

2 posts

Multiple wireless router models from Sapido have an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to directly access a system configuration file and obtain plaintext administrator credentials.  The affected models are out of support; replacing the device is recommended.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-34037(CVSS UNKNOWN)

EPSS: 2.46%

updated 2025-06-26T21:31:08

2 posts

An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcp_ip parameter without sanitization, allowing unauthenticated attackers to inject shell commands. This vulnerability is exploited in the wild by the "TheMoon" w

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-34041(CVSS UNKNOWN)

EPSS: 1.03%

updated 2025-06-26T21:31:08

2 posts

An OS command injection vulnerability exists in the Chinese versions of Sangfor Endpoint Detection and Response (EDR) management platform versions 3.2.16, 3.2.17, and 3.2.19. The vulnerability allows unauthenticated attackers to construct and send malicious HTTP requests to the EDR Manager interface, leading to arbitrary command execution with elevated privileges. This flaw only affects the Chines

cR0w at 2025-06-30T18:57:37.858Z ##

LMAO. It's an older vuln and was added to CNVD in 2020 but just got a CVE last week. 🥳

sangfor.com/blog/cybersecurity

sev:CRIT 10.0 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

An OS command injection vulnerability exists in the Chinese versions of Sangfor Endpoint Detection and Response (EDR) management platform versions 3.2.16, 3.2.17, and 3.2.19. The vulnerability allows unauthenticated attackers to construct and send malicious HTTP requests to the EDR Manager interface, leading to arbitrary command execution with elevated privileges. This flaw only affects the Chinese-language EDR builds.

cnvd.org.cn/flaw/show/CNVD-202

nvd.nist.gov/vuln/detail/CVE-2

And FWIW, ShadowServer shows EITW in CN.

dashboard.shadowserver.org/sta

##

cR0w@infosec.exchange at 2025-06-30T18:57:37.000Z ##

LMAO. It's an older vuln and was added to CNVD in 2020 but just got a CVE last week. 🥳

sangfor.com/blog/cybersecurity

sev:CRIT 10.0 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

An OS command injection vulnerability exists in the Chinese versions of Sangfor Endpoint Detection and Response (EDR) management platform versions 3.2.16, 3.2.17, and 3.2.19. The vulnerability allows unauthenticated attackers to construct and send malicious HTTP requests to the EDR Manager interface, leading to arbitrary command execution with elevated privileges. This flaw only affects the Chinese-language EDR builds.

cnvd.org.cn/flaw/show/CNVD-202

nvd.nist.gov/vuln/detail/CVE-2

And FWIW, ShadowServer shows EITW in CN.

dashboard.shadowserver.org/sta

##

CVE-2025-20282
(10.0 CRITICAL)

EPSS: 0.10%

updated 2025-06-26T20:35:33.577000

7 posts

A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due a lack of file validation checks that would prevent uploaded files from being placed in privileged directories on an affected system. An

DarkWebInformer at 2025-06-30T19:10:23.293Z ##

🚨CVE-2025-20281 & CVE-2025-20282: Unauthenticated RCE Vulnerabilities in Cisco ISE and ISE-PIC

• CVSS: 10
• ZoomEye Dork: app="Cisco ISE"
• Results: 1,937
• Advisory:
github.com/advisories/GHSA-rc4f-42xm-hvjwgithub.com/advisories/GHSA-w8p2-wjjr-hr24

• PoC: github.com/abrewer251/CVE-2025-20281-2-Citrix-ISE-RCE

• ZoomEye Search: zoomeye.ai/searchResult?q=YXBwPSJDaXNjbyBJU0Ui

—————

Follow @zoomeye_team's official Twitter/X account and send the message “Dark Web Informer” via DM to receive an extra 15-day membership. 💙

##

DarkWebInformer@infosec.exchange at 2025-06-30T19:10:23.000Z ##

🚨CVE-2025-20281 & CVE-2025-20282: Unauthenticated RCE Vulnerabilities in Cisco ISE and ISE-PIC

• CVSS: 10
• ZoomEye Dork: app="Cisco ISE"
• Results: 1,937
• Advisory:
github.com/advisories/GHSA-rc4f-42xm-hvjwgithub.com/advisories/GHSA-w8p2-wjjr-hr24

• PoC: github.com/abrewer251/CVE-2025-20281-2-Citrix-ISE-RCE

• ZoomEye Search: zoomeye.ai/searchResult?q=YXBwPSJDaXNjbyBJU0Ui

—————

Follow @zoomeye_team's official Twitter/X account and send the message “Dark Web Informer” via DM to receive an extra 15-day membership. 💙

##

jos1264@social.skynetcloud.site at 2025-06-27T23:25:03.000Z ##

CVE-2025-20281 and CVE-2025-20282 Vulnerabilities: Critical RCE Flaws in Cisco ISE and ISE-PIC Enable Root Access – Source: socprime.com ciso2ciso.com/cve-2025-20281-a #rssfeedpostgeneratorecho #CyberSecurityNews #CVE-2025-20281 #CVE-2025-20282 #Latestthreats #Vulnerability #socprimecom #socprime #Blog #CVE #rce

##

DarkWebInformer@infosec.exchange at 2025-06-26T15:28:46.000Z ##

🚨Critical Cisco ISE Vulnerabilities, CVE-2025-20281 & CVE-2025-20282

Two unauthenticated RCE flaws have been disclosed in Cisco ISE and ISE-PIC, allowing remote attackers to execute commands as root without credentials.

CVE-2025-20281
• Affects: ISE 3.3 & 3.4
• Flaw: Improper input validation in external API
• CVSS: 9.8

CVE-2025-20282
• Affects: ISE 3.4
• Flaw: Internal API permits privileged file uploads
• CVSS: 10.0 (Critical)

Full advisory:
cisco.com/c/en/us/support/docs

CVE-2025-20281:
cvedetails.com/cve/CVE-2025-20

CVE-2025-20282:
cvedetails.com/cve/CVE-2025-20

##

AAKL@infosec.exchange at 2025-06-26T13:55:09.000Z ##

Cisco posted these yesterday.

- Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities - CVE-2025-20281 and
CVE-2025-20282 (critical) sec.cloudapps.cisco.com/securi

- Cisco Identity Services Engine Authorization Bypass Vulnerability - CVE-2025-20264 sec.cloudapps.cisco.com/securi @TalosSecurity #cybersecurity #infosec #Cisco

##

jbhall56@infosec.exchange at 2025-06-26T12:42:17.000Z ##

Exploitable without authentication, the two flaws are tracked as CVE-2025-20281 and CVE-2025-20282 and have the maximum severity score of 10/10. Both impact specific APIs within the affected products. securityweek.com/critical-cisc

##

beyondmachines1@infosec.exchange at 2025-06-26T09:01:38.000Z ##

Cisco reports perfect 10 critical remote code execution flaws in Identity Services Engine (ISE)

Cisco has issued an emergency advisory for two maximum-severity vulnerabilities (CVE-2025-20281 and CVE-2025-20282) in its Identity Services Engine (ISE) platforms that allow unauthenticated remote attackers to execute arbitrary code with root privileges through API input validation flaws and malicious file uploads. Organizations are urged to immediately apply the available patches as no workarounds exist to mitigate the flaws.

**This one is very important. If you are using Cisco Identity Services Engine (ISE), drop everything and start planning a patch ASAP. ISE usually controls network access to a lot of the infrastructure, so you don't want it to be hacked. And hackers will quickly start abusing these flaws.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-36537
(7.0 HIGH)

EPSS: 0.01%

updated 2025-06-26T18:58:14.280000

3 posts

Incorrect Permission Assignment for Critical Resource in the TeamViewer Client (Full and Host) of TeamViewer Remote and Tensor prior Version 15.67 on Windows allows a local unprivileged user to trigger arbitrary file deletion with SYSTEM privileges via leveraging the MSI rollback mechanism. The vulnerability only applies to the Remote Management features: Backup, Monitoring, and Patch Management.

cR0w at 2025-06-30T20:15:16.351Z ##

Oh hey, now if the baddies get your box, you can privesc to get it back.

teamviewer.com/en/resources/tr

Incorrect Permission Assignment for Critical Resource in the TeamViewer Client (Full and Host) of TeamViewer Remote and Tensor prior Version 15.67 on Windows allows a local unprivileged user to trigger arbitrary file deletion with SYSTEM privileges via leveraging the MSI rollback mechanism. The vulnerability only applies to the Remote Management features: Backup, Monitoring, and Patch Management.

nvd.nist.gov/vuln/detail/CVE-2

##

cR0w@infosec.exchange at 2025-06-30T20:15:16.000Z ##

Oh hey, now if the baddies get your box, you can privesc to get it back.

teamviewer.com/en/resources/tr

Incorrect Permission Assignment for Critical Resource in the TeamViewer Client (Full and Host) of TeamViewer Remote and Tensor prior Version 15.67 on Windows allows a local unprivileged user to trigger arbitrary file deletion with SYSTEM privileges via leveraging the MSI rollback mechanism. The vulnerability only applies to the Remote Management features: Backup, Monitoring, and Patch Management.

nvd.nist.gov/vuln/detail/CVE-2

##

jos1264@social.skynetcloud.site at 2025-06-25T11:55:02.000Z ##

New TeamViewer Vulnerability Puts Windows Systems at Risk of Privilege Escalation thecyberexpress.com/cve-2025-3 #TeamViewervulnerability #TheCyberExpressNews #TeamViewersecurity #TheCyberExpress #CVE-2025-36537 #FirewallDaily #CyberNews #CWE-732

##

CVE-2025-32975
(10.0 CRITICAL)

EPSS: 0.12%

updated 2025-06-26T18:58:14.280000

2 posts

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains an authentication bypass vulnerability that allows attackers to impersonate legitimate users without valid credentials. The vulnerability exists in the SSO authentication handling mechanism and can lead

CVE-2025-34034
(0 None)

EPSS: 0.05%

updated 2025-06-26T18:58:14.280000

2 posts

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege attackers to gain administrative access to the device’s web interface.

cR0w at 2025-06-30T18:57:43.578Z ##

sigh

sev:CRIT 9.3 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege attackers to gain administrative access to the device’s web interface.

And those creds are:

blueangel:blueangel
root:abnareum10
root:Admin@tbroad
root:superuser
user:user
guest:guest

nvd.nist.gov/vuln/detail/CVE-2

##

cR0w@infosec.exchange at 2025-06-30T18:57:43.000Z ##

sigh

sev:CRIT 9.3 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege attackers to gain administrative access to the device’s web interface.

And those creds are:

blueangel:blueangel
root:abnareum10
root:Admin@tbroad
root:superuser
user:user
guest:guest

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-23260
(5.0 MEDIUM)

EPSS: 0.03%

updated 2025-06-26T18:58:14.280000

1 posts

NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s cluster access by using the ServiceAccount attached to the ClusterRole. A successful exploit of this vulnerability may lead to information disclosure.

AAKL@infosec.exchange at 2025-06-25T15:38:06.000Z ##

Nvidia updates, from yesterday.

- Security Bulletin: NVIDIA AIStore on Kubernetes - June 2025, affecting CVE-2025-23260 nvidia.custhelp.com/app/answer

This affects CVE-2025-23264 and CVE-2025-23265: NVIDIA Megatron LM - June 2025 nvidia.custhelp.com/app/answer #cybersecurity #Infoec #Nvidia

##

CVE-2025-34042
(0 None)

EPSS: 0.52%

updated 2025-06-26T18:57:43.670000

2 posts

An authenticated command injection vulnerability exists in the Beward N100 IP Camera firmware version M2.1.6.04C014 via the ServerName and TimeZone parameters in the servetest CGI page. An attacker with access to the web interface can inject arbitrary system commands into these parameters, which are unsafely embedded into backend system calls without proper input sanitization. Successful exploitat

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-34043
(0 None)

EPSS: 0.32%

updated 2025-06-26T18:57:43.670000

2 posts

A remote command injection vulnerability exists in Vacron Network Video Recorder (NVR) devices v1.4 due to improper input sanitization in the board.cgi script. The vulnerability allows unauthenticated attackers to pass arbitrary commands to the underlying operating system via crafted HTTP requests. These commands are executed with the privileges of the web server process, enabling remote code exec

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6615
(8.8 HIGH)

EPSS: 0.08%

updated 2025-06-26T18:57:43.670000

2 posts

A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.06B01. This affects the function formAutoDetecWAN_wizard4 of the file /goform/formAutoDetecWAN_wizard4. The manipulation of the argument curTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only a

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-49153
(9.8 CRITICAL)

EPSS: 0.17%

updated 2025-06-26T18:57:43.670000

1 posts

MICROSENS NMP Web+ could allow an unauthenticated attacker to overwrite files and execute arbitrary code.

beyondmachines1@infosec.exchange at 2025-06-25T10:01:37.000Z ##

Multiple critical flaws reported in MICROSENS NMP Web+ Network Management Platform

MICROSENS has patched three critical vulnerabilities in its NMP Web+ network management platform, including authentication bypass through hard-coded JWT constants (CVE-2025-49151) and path traversal enabling arbitrary code execution (CVE-2025-49153). The company urges immediate updates to version 3.3.0 for all installations running version 3.2.5 or earlier.

**If you use MICROSENS NMP Web+ network management platform, make sure it's isolated from the internet and accessible only fron trusted networks. Then plan a quick update to version 3.3.0 to patch, because these flaws are fairly trivial to abuse.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-34049(CVSS UNKNOWN)

EPSS: 0.50%

updated 2025-06-26T18:31:35

2 posts

An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11_X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the target_addr parameter of the formTracert and formPing administrative endpoints. An authenticated attacker can inject arbitrary operating system commands, which are executed wi

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6709
(7.5 HIGH)

EPSS: 0.09%

updated 2025-06-26T18:31:35

7 posts

The MongoDB Server is susceptible to a denial of service vulnerability due to improper handling of specific date values in JSON input when using OIDC authentication. This can be reproduced using the mongo shell to send a malicious JSON payload leading to an invariant failure and server crash. This issue affects MongoDB Server v7.0 versions prior to 7.0.17 and MongoDB Server v8.0 versions prior to

MongoDB@activitypub.awakari.com at 2025-06-29T10:34:12.000Z ## MongoDB: Server predautentifikacija ranjivost omogućava napadačima izazivanje DoS stanja, budite oprezni pri pristupu. Upozorenje: Kritična pre-autentifikacijska ranjivost (CVE-2025-6709) u Mong...

#Ranjivosti #No #Fly #List #NoFly #Scam #Venmo

Origin | Interest | Match ##

MongoDB@activitypub.awakari.com at 2025-06-28T20:33:41.000Z ## MongoDB Server: Ranjivost prije autentifikacije omogućava napadačima izazivanje DoS stanja, budite oprezni Otkrivena je kritična ranjivost CVE-2025-6709 u MongoDB Serveru (verzije 6.0, 7.0, 8.0)...

#Ranjivosti #No #Fly #List #NoFly #Scam #Venmo

Origin | Interest | Match ##

MongoDB@activitypub.awakari.com at 2025-06-28T18:03:37.000Z ## MongoDB: Lako izazivanje DoS stanja kod ranjivosti pred-autentifikacije MongoDB servera. Otkrivena je kritična pre-autentifikacijska ranjivost u MongoDB Serveru (CVE-2025-6709) koja omogućava nea...

#Ranjivosti #No #Fly #List #NoFly #Scam #Venmo

Origin | Interest | Match ##

MongoDB@activitypub.awakari.com at 2025-06-28T08:03:10.000Z ## MongoDB: Ranjivost predautentifikacije servera omogućava napadačima pokretanje DoS stanja Korisnici MongoDB Servera su upozoreni na kritičnu ranjivost (CVE-2025-6709) koja dozvoljava neautentiko...

#Ranjivosti #No #Fly #List #NoFly #Scam #Venmo

Origin | Interest | Match ##

MongoDB@activitypub.awakari.com at 2025-06-27T10:39:41.000Z ## MongoDB Server Pre-Authentication Vulnerability Let Attackers Trigger DoS Condition A critical pre-authentication denial of service vulnerability was identified as CVE-2025-6709, affecting multiple...

#Cyber #Security #Cyber #Security #News #Dos #attack #Vulnerability #cyber #security #cyber

Origin | Interest | Match ##

MongoDB@activitypub.awakari.com at 2025-06-27T10:10:20.000Z ## MongoDB Server Pre-Authentication Bug Allows Attackers to Cause DoS Condition A severe pre-authentication denial-of-service (DoS) vulnerability (CVE-2025-6709) has been identified in MongoDB Server...

#Cyber #Security #News #Cybersecurity #Vulnerability #Cyber #Security #Cyber #security #news #vulnerability

Origin | Interest | Match ##

MongoDB@activitypub.awakari.com at 2025-06-27T06:18:32.000Z ## Pre-Auth Flaw in MongoDB Server Allows Attackers to Cause DoS A critical pre-authentication vulnerability (CVE-2025-6709) in MongoDB Server enables unauthenticated attackers to trigger denial-of-se...

#CVE/vulnerability #Cyber #Security #News #Vulnerability #cyber #security

Origin | Interest | Match ##

CVE-2025-34048(CVSS UNKNOWN)

EPSS: 0.22%

updated 2025-06-26T18:31:34

2 posts

A path traversal vulnerability exists in the web management interface of D-Link DSL-2730U, DSL-2750U, and DSL-2750E ADSL routers with firmware versions IN_1.02, SEA_1.04, and SEA_1.07. The vulnerability is due to insufficient input validation on the getpage parameter within the /cgi-bin/webproc CGI script. This flaw allows an unauthenticated remote attacker to perform path traversal attacks by sup

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-34044(CVSS UNKNOWN)

EPSS: 0.09%

updated 2025-06-26T18:31:34

2 posts

A remote command injection vulnerability exists in the confirm.php interface of the WIFISKY 7-layer Flow Control Router via a specially-crafted HTTP GET request to the t parameter. Insufficient input validation allows unauthenticated attackers to execute arbitrary OS commands.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2024-11584
(5.9 MEDIUM)

EPSS: 0.01%

updated 2025-06-26T18:31:26

1 posts

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This being used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivelege user could trigger hotplug-hook commands.

harrysintonen@infosec.exchange at 2025-06-22T12:29:18.000Z ##

Insecure defaults can lead to surprises. When creating FIFO sockets with systemd, be sure to note that SocketMode defaults to 0666 - that is world readable and writable. That is: any local user can communicate with the FIFO. If your FIFO is used to perform privileged operations you must ensure that either the FIFO file itself is located in secured location or set SocketMode to stricter value.

I spotted one such insecure use in cloud-init: the hotplug FIFO was world writable. This is CVE-2024-11584 and fixed in cloud-init 25.1.3.

The commit fixing this is in github.com/canonical/cloud-ini

#CVE_2024_11584 #ubuntu #systemd #infosec #cybersecurity

##

CVE-2024-6174
(8.8 HIGH)

EPSS: 0.02%

updated 2025-06-26T18:31:25

2 posts

When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.

cR0w at 2025-06-30T14:42:05.597Z ##

Wat

sev:HIGH 8.8 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.

nvd.nist.gov/vuln/detail/CVE-2

##

cR0w@infosec.exchange at 2025-06-30T14:42:05.000Z ##

Wat

sev:HIGH 8.8 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-6336
(8.8 HIGH)

EPSS: 0.17%

updated 2025-06-26T18:31:21

1 posts

A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

offseq@infosec.exchange at 2025-06-21T03:01:11.000Z ##

🚨 Buffer overflow (HIGH, CVSS 8.7) in TOTOLINK EX1200T v4.1.2cu.5232_B20210713 exposes networks to remote attack via /boafrm/formTmultiAP (submit-url). Public exploit disclosed. Patch or restrict web interface! CVE-2025-6336 radar.offseq.com/threat/cve-20 #OffSeq #Infosec #RouterVuln #IoTSecurity

##

CVE-2025-6399
(8.8 HIGH)

EPSS: 0.17%

updated 2025-06-25T20:13:30.100000

2 posts

A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0.0-B20230714.1105. Affected is an unknown function of the file /boafrm/formIPv6Addr of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6373
(8.8 HIGH)

EPSS: 0.03%

updated 2025-06-25T20:10:16.027000

2 posts

A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. This vulnerability affects the function formSetWizard1 of the file /goform/formWlSiteSurvey. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products t

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6486
(8.8 HIGH)

EPSS: 0.14%

updated 2025-06-25T19:31:37.533000

2 posts

A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been declared as critical. This vulnerability affects the function formWlanMultipleAP of the file /boafrm/formWlanMultipleAP. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6218
(7.8 HIGH)

EPSS: 0.65%

updated 2025-06-25T19:03:33.817000

8 posts

RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of file paths within archive files. A

2 repos

https://github.com/ignis-sec/CVE-2025-6218

https://github.com/speinador/CVE-2025-6218_WinRAR

knoppix95@mastodon.social at 2025-06-26T10:00:36.000Z ##

A critical vulnerability (CVE-2025-6218) in WinRAR allows remote code execution via directory traversal on Windows, risking sensitive data. ⚠️

RARLAB has released WinRAR 7.12 Final to fix this issue. Windows users should update immediately for protection. 🔒

tweaktown.com/news/106045/winr

#CyberSecurity #Privacy #Security #OpenSource #UserSafety #software #SoftwareUpdate #WinRAR #RAR #ZIP #DataProtection #Microsoft #Windows

##

benzogaga33@mamot.fr at 2025-06-26T09:40:03.000Z ##

Patchez WinRAR : une faille permet l’exécution de malware via des archives piégées it-connect.fr/winrar-patch-cve #ActuCybersécurité #Cybersécurité #Vulnérabilité

##

oversecurity@mastodon.social at 2025-06-25T17:10:34.000Z ##

WinRAR patches bug letting malware launch from extracted archives

WinRAR has addressed a directory traversal vulnerability tracked as CVE-2025-6218 that, under certain circumstances, allows malware to be executed...

🔗️ [Bleepingcomputer] link.is.it/ZJNdY3

##

tomshardware@mastodon.online at 2025-06-25T13:49:03.000Z ##

WinRAR exploit enables attackers to run malicious code on your PC — critical vulnerability patched in latest beta update

The CVE-2025-6218 bug allows attackers to manipulate archive paths, potentially writing to protected system folders
#hardware
tomshardware.com/software/winr

##

zeljkazorz@infosec.exchange at 2025-06-24T12:03:42.000Z ##

A recently patched directory traversal vulnerability (CVE-2025-6218) in WinRAR could be leveraged by remote attackers to execute arbitrary code on affected installations.

helpnetsecurity.com/2025/06/24

#WinRAR #Cybersecurity #Vulnerability

##

Android@activitypub.awakari.com at 2025-06-24T09:02:07.000Z ## WinRAR Directory Vulnerability Allows Execution of Arbitrary Code via Malicious File A severe directory traversal vulnerability (CVE-2025-6218) in RARLAB’s WinRAR software enables remote code exe...

#Cyber #Security #News

Origin | Interest | Match ##

jos1264@social.skynetcloud.site at 2025-06-24T09:55:03.000Z ##

High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218) helpnetsecurity.com/2025/06/24 #vulnerability #TrendMicro #Don'tmiss #Hotstuff #Windows #WinRAR #News

##

beyondmachines1@infosec.exchange at 2025-06-24T09:01:37.000Z ##

Directory traversal flaw in WinRAR enables remote code execution

RARLAB has patched a path traversal vulnerability (CVE-2025-6218) in WinRAR that allows attackers to execute malicious code by manipulating file extraction paths through specially crafted archive files that redirect extraction to unintended directories.

**If you use WinRAR on Windows, be very cautious of unexpected RAR attachments and never download files from pirated or untrusted sources. Check for the next stable release of WinRAR and update when it's released.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-49851(CVSS UNKNOWN)

EPSS: 0.07%

updated 2025-06-24T21:30:36

1 posts

ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an Improper Authentication vulnerability which could allow an attacker to bypass authentication and gain permissions in the product.

beyondmachines1@infosec.exchange at 2025-06-25T11:01:37.000Z ##

Multiple vulnerabilities reported in ControlID iDSecure vehicle access control systems

ControlID has patched three critical vulnerabilities in its iDSecure On-Premises access control software, including a SQL injection flaw (CVE-2025-49853) and authentication bypass (CVE-2025-49851) that could allow attackers to gain unauthorized access to physical facilities and manipulate vehicle access systems.

**If you use ControlID iDSecure On-Premises access control software, check if it's accessible from the internet. If it is, make sure it's isolated from the internet and accessible only from trusted networks as much as possible Then plan a quick update to version 4.7.50.0. This system controls physical access to your facilities, so breaching it may get criminals access to your premises.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-2566(CVSS UNKNOWN)

EPSS: 0.13%

updated 2025-06-24T21:30:36

1 posts

Kaleris NAVIS N4 ULC (Ultra Light Client) contains an unsafe Java deserialization vulnerability. An unauthenticated attacker can make specially crafted requests to execute arbitrary code on the server.

beyondmachines1@infosec.exchange at 2025-06-25T09:01:38.000Z ##

Security vulnerabilities reported in Kaleris Navis N4 terminal Operating System

Kaleris has patched critical vulnerabilities in its Navis N4 Terminal Operating System used for port operations, including a critical deserialization flaw (CVE-2025-2566) allowing unauthenticated remote code execution and a credential exposure issue (CVE-2025-5087) transmitting sensitive data in cleartext. The company has released patches across multiple version branches and recommends isolating systems from the internet or implementing VPN access for organizations unable to immediately update.

**If you use Navis N4 Terminal Operating System, first check if it's isolated from the internet or requires internet connectivity. Then, prioritize updating to the latest patched version for your branch. If you can't update right away, isolate your N4 systems from the internet or disable the Ultra Light Client component on any internet-facing systems.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-5087(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-06-24T21:30:35

1 posts

Kaleris NAVIS N4 ULC (Ultra Light Client) communicates insecurely using zlib-compressed data over HTTP. An attacker capable of observing network traffic between Ultra Light Clients and N4 servers can extract sensitive information, including plaintext credentials.

beyondmachines1@infosec.exchange at 2025-06-25T09:01:38.000Z ##

Security vulnerabilities reported in Kaleris Navis N4 terminal Operating System

Kaleris has patched critical vulnerabilities in its Navis N4 Terminal Operating System used for port operations, including a critical deserialization flaw (CVE-2025-2566) allowing unauthenticated remote code execution and a credential exposure issue (CVE-2025-5087) transmitting sensitive data in cleartext. The company has released patches across multiple version branches and recommends isolating systems from the internet or implementing VPN access for organizations unable to immediately update.

**If you use Navis N4 Terminal Operating System, first check if it's isolated from the internet or requires internet connectivity. Then, prioritize updating to the latest patched version for your branch. If you can't update right away, isolate your N4 systems from the internet or disable the Ultra Light Client component on any internet-facing systems.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-44531
(7.5 HIGH)

EPSS: 0.05%

updated 2025-06-24T21:30:28

2 posts

An issue in Realtek RTL8762EKF-EVB RTL8762E SDK v1.4.0 allows attackers to cause a Denial of Service (DoS) via sending a crafted before a pairing public key is received during a Bluetooth connection attempt.

cR0w at 2025-06-30T20:16:07.631Z ##

Get your Flippers out.

github.com/yangting111/BLE_TES

An issue in Realtek RTL8762EKF-EVB RTL8762E SDK v1.4.0 allows attackers to cause a Denial of Service (DoS) via sending a crafted before a pairing public key is received during a Bluetooth connection attempt.

nvd.nist.gov/vuln/detail/CVE-2

##

cR0w@infosec.exchange at 2025-06-30T20:16:07.000Z ##

Get your Flippers out.

github.com/yangting111/BLE_TES

An issue in Realtek RTL8762EKF-EVB RTL8762E SDK v1.4.0 allows attackers to cause a Denial of Service (DoS) via sending a crafted before a pairing public key is received during a Bluetooth connection attempt.

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2024-56731
(10.0 CRITICAL)

EPSS: 0.33%

updated 2025-06-24T19:00:21

3 posts

### Summary Due to the insufficient patch for the CVE-2024-39931, it's still possible to delete files under the `.git` directory and achieve remote command execution. ### Details In the patch for CVE-2024-39931, the following check is added: https://github.com/gogs/gogs/commit/77a4a945ae9a87f77e392e9066b560edb71b5de9 ```diff + // 🚨 SECURITY: Prevent uploading files into the ".git" directory + if

cR0w at 2025-06-30T20:03:10.613Z ##

Woohoo! Another perfect 10 from last week. And this could hit hard. 🥳

github.com/gogs/gogs/security/

sev:CRIT 10.0 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Gogs is an open source self-hosted Git service. Prior to version 0.13.3, it's still possible to delete files under the .git directory and achieve remote command execution due to an insufficient patch for CVE-2024-39931. Unprivileged user accounts can execute arbitrary commands on the Gogs instance with the privileges of the account specified by RUN_USER in the configuration. Allowing attackers to access and alter any users' code hosted on the same instance. This issue has been patched in version 0.13.3.

nvd.nist.gov/vuln/detail/CVE-2

##

cR0w@infosec.exchange at 2025-06-30T20:03:10.000Z ##

Woohoo! Another perfect 10 from last week. And this could hit hard. 🥳

github.com/gogs/gogs/security/

sev:CRIT 10.0 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Gogs is an open source self-hosted Git service. Prior to version 0.13.3, it's still possible to delete files under the .git directory and achieve remote command execution due to an insufficient patch for CVE-2024-39931. Unprivileged user accounts can execute arbitrary commands on the Gogs instance with the privileges of the account specified by RUN_USER in the configuration. Allowing attackers to access and alter any users' code hosted on the same instance. This issue has been patched in version 0.13.3.

nvd.nist.gov/vuln/detail/CVE-2

##

beyondmachines1@infosec.exchange at 2025-06-27T10:01:26.000Z ##

Critical Gogs flaw enables complete code repository takeover

Security researchers have disclosed a critical vulnerability (CVE-2024-56731) in the Gogs self-hosted Git service that allows authenticated attackers to execute arbitrary commands and gain administrative control through a symbolic link bypass enabling unprivileged users to delete critical system files and potentially conduct supply chain attacks.

**If you use Gogs self-hosted Git service, plan a quick upgrade to version 0.13.3. Your Gogs is vulnerable to a flaw that allows complete system takeover. If posible, isolate Gogs from the internet and if you can't upgrade right away, disable user registration in your Gogs configuration to prevent attackers from registering and exploiting this flaw. Then plan a patch cycle.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-6545(CVSS UNKNOWN)

EPSS: 0.09%

updated 2025-06-23T22:41:52

1 posts

### Summary This affects both: 1. Unsupported algos (e.g. `sha3-256` / `sha3-512` / `sha512-256`) 2. Supported but non-normalized algos (e.g. `Sha256` / `Sha512` / `SHA1` / `sha-1` / `sha-256` / `sha-512`) All of those work correctly in Node.js, but this polyfill silently returns highly predictable ouput Under Node.js (only with `pbkdf2/browser` import, unlikely) / Bun (`pbkdf2` top-level imp

CVE-2025-4563
(2.7 LOW)

EPSS: 0.02%

updated 2025-06-23T22:41:42

2 posts

A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to perform equivalent validation during pod creation. This allows a compromised node to create mirror pods

Kubernetes@activitypub.awakari.com at 2025-06-25T12:47:14.000Z ## Kubernetes NodeRestriction Vulnerability Lets Nodes Bypass Resource Allocation Authorization A newly disclosed vulnerability in Kubernetes, tracked as CVE-2025-4563, enables nodes to bypass authori...

#Cyber #Security #News #Cybersecurity #Vulnerability #Cyber #Security #Cyber #security #news #vulnerability

Origin | Interest | Match ##

Kubernetes@activitypub.awakari.com at 2025-06-25T10:53:41.000Z ## Kubernetes NodeRestriction Flaw Lets Nodes Bypass Resource Authorization A critical security vulnerability (CVE-2025-4563) in Kubernetes allows nodes to bypass authorization checks for dynamic reso...

#CVE/vulnerability #Cyber #Security #News #Vulnerability #cyber #security

Origin | Interest | Match ##

CVE-2025-6374
(8.8 HIGH)

EPSS: 0.03%

updated 2025-06-23T21:31:56

2 posts

A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as critical. This issue affects the function formSetACLFilter of the file /goform/formSetACLFilter. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6400
(8.8 HIGH)

EPSS: 0.17%

updated 2025-06-23T21:31:56

2 posts

A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formPortFw of the component HTTP POST Message Handler. The manipulation of the argument service_type leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6402
(8.8 HIGH)

EPSS: 0.16%

updated 2025-06-23T21:31:56

2 posts

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-4981
(9.9 CRITICAL)

EPSS: 0.23%

updated 2025-06-23T20:16:40.143000

1 posts

Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to sanitize filenames in the archive extractor which allows authenticated users to write files to arbitrary locations on the filesystem via uploading archives with path traversal sequences in filenames, potentially leading to remote code execution. The vulnerability impacts instances

sublimer@mstdn.sublimer.me at 2025-06-23T10:59:55.000Z ##

Mattermostの任意コード実行の脆弱性、CVSS v3のスコアが9.9

NVD - CVE-2025-4981 : 👀
---
nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-49144
(7.3 HIGH)

EPSS: 0.01%

updated 2025-06-23T20:16:21.633000

5 posts

Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social engineering or clickjacking to trick users into downloading both the legitimate installer and a malicio

5 repos

https://github.com/b0ySie7e/Notepad-8.8.1_CVE-2025-49144

https://github.com/assad12341/notepad-v8.8.1-LPE-CVE-

https://github.com/TheTorjanCaptain/CVE-2025-49144_PoC

https://github.com/tristanvandermeer/CVE-2025-49144-Test

https://github.com/Vr00mm/CVE-2025-49144

ChrisShort@hachyderm.io at 2025-06-30T22:24:31.000Z ##

CVE Record: CVE-2025-49144 - Notepad++ Privilege Escalation In Installer Via Uncontrolled Executable Search Path #SuggestedRead #devopsish cve.org/CVERecord?id=CVE-2025-

##

ChrisShort@hachyderm.io at 2025-06-30T22:24:31.000Z ##

CVE Record: CVE-2025-49144 - Notepad++ Privilege Escalation In Installer Via Uncontrolled Executable Search Path #SuggestedRead #devopsish cve.org/CVERecord?id=CVE-2025-

##

AAKL@infosec.exchange at 2025-06-27T16:26:27.000Z ##

Sales pitch toward the end.

Bitdefender: Notepad++ Vulnerability (CVE-2025-49144) Lets Attackers Take Full System Control; PoC Released bitdefender.com/en-us/blog/hot #cybersecurity #infosec

##

jos1264@social.skynetcloud.site at 2025-06-25T21:40:03.000Z ##

Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144) helpnetsecurity.com/2025/06/25 #vulnerability #opensource #Don'tmiss #Hotstuff #News #PoC

##

benzogaga33@mamot.fr at 2025-06-24T09:40:02.000Z ##

Une faille dans Notepad++ menace Windows : un exploit PoC est disponible ! it-connect.fr/notepad-plus-plu #ActuCybersécurité #Cybersécurité #Vulnérabilité

##

CVE-2025-49132
(10.0 CRITICAL)

EPSS: 23.69%

updated 2025-06-23T20:16:21.633000

2 posts

Pterodactyl is a free, open-source game server management panel. Prior to version 1.11.11, using the /locales/locale.json with the locale and namespace query parameters, a malicious actor is able to execute arbitrary code without being authenticated. With the ability to execute arbitrary code it could be used to gain access to the Panel's server, read credentials from the Panel's config, extract s

Nuclei template

5 repos

https://github.com/nfoltc/CVE-2025-49132

https://github.com/Zen-kun04/CVE-2025-49132

https://github.com/melonlonmeo/CVE-2025-49132

https://github.com/63square/CVE-2025-49132

https://github.com/qiaojojo/CVE-2025-49132_poc

cR0w at 2025-06-30T21:50:38.647Z ##

FYI: There is a ton of scanning for this one for some reason.

/locales/locale.json?locale=../../../pterodactyl&namespace=config/database

/locales/locale.json?locale=../../config/&namespace=database

github.com/Zen-kun04/CVE-2025-

##

cR0w@infosec.exchange at 2025-06-30T21:50:38.000Z ##

FYI: There is a ton of scanning for this one for some reason.

/locales/locale.json?locale=../../../pterodactyl&namespace=config/database

/locales/locale.json?locale=../../config/&namespace=database

github.com/Zen-kun04/CVE-2025-

##

CVE-2025-6393
(8.8 HIGH)

EPSS: 0.65%

updated 2025-06-23T20:16:21.633000

2 posts

A vulnerability was found in TOTOLINK A702R, A3002R, A3002RU and EX1200T 3.0.0-B20230809.1615/4.0.0-B20230531.1404/4.0.0-B20230721.1521/4.1.2cu.5232_B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formIPv6Addr of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-34029
(0 None)

EPSS: 1.10%

updated 2025-06-23T20:16:21.633000

2 posts

An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell commands directly, resulting in command execution as the root user.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6510
(8.8 HIGH)

EPSS: 0.19%

updated 2025-06-23T20:16:21.633000

2 posts

A vulnerability was found in Netgear EX6100 1.0.2.28_1.1.138. It has been rated as critical. Affected by this issue is the function sub_415EF8. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-50054
(5.5 MEDIUM)

EPSS: 0.01%

updated 2025-06-23T18:31:23

2 posts

Buffer overflow in OpenVPN ovpn-dco-win version 1.3.0 and earlier and version 2.5.8 and earlier allows a local user process to send a too large control message buffer to the kernel driver resulting in a system crash

DarkWebInformer@infosec.exchange at 2025-06-24T17:27:54.000Z ##

🚨CVE-2025-50054: Buffer overflow in OpenVPN ovpn-dco-win version 1.3.0 and earlier and version 2.5.8 and earlier allows a local user process to send a too large control message buffer to the kernel driver resulting in a system crash

ZoomEye Link: zoomeye.ai/searchResult?q=YXBw

Results: 2,020,603

ZoomEye Dork: app="OpenVPN"

Advisory: github.com/advisories/GHSA-c5v

CVSS: 5.5

—————————

Follow @zoomeye_team's official Twitter/X account and send the message “Dark Web Informer” via DM to receive an extra 15-day membership.

I am trying to do more for the DWI community, so this is just the start! 💙

##

beyondmachines1@infosec.exchange at 2025-06-22T10:01:49.000Z ##

Critical vulnerability in OpenVPN Windows driver enables system crashes

OpenVPN has patched a critical buffer overflow vulnerability (CVE-2025-50054) in its Windows Data Channel Offload driver that allows unprivileged local attackers to crash systems by sending oversized control messages to the kernel driver. The flaw affects the default virtual network adapter used since OpenVPN version 2.6, with patches available in OpenVPN GUI versions 2.6.14-I002 and 2.7_alpha2-I001 or newer.

**This falls under "not great, not terrible". A malicious user or program on your computer can craft packets that abuse the OpenVPN driver and crash your system, repeatedly. So it's good to track OpenVPN for the next stable release and update your OpenVPN on Windows. But it's not a panic mode patch, because if attackers or malicious programs are on your computer, they are going to do a lot more harm than crash it by abusing OpenVPN.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-48706
(9.1 CRITICAL)

EPSS: 0.06%

updated 2025-06-23T18:31:23

1 posts

An issue was discovered in COROS PACE 3 through 3.0808.0. Due to an out-of-bounds read vulnerability, sending a crafted BLE message forces the device to reboot.

CVE-2025-6511
(8.8 HIGH)

EPSS: 0.19%

updated 2025-06-23T18:30:33

2 posts

A vulnerability classified as critical has been found in Netgear EX6150 1.0.0.46_1.0.76. This affects the function sub_410090. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6487
(8.8 HIGH)

EPSS: 0.14%

updated 2025-06-22T18:30:31

2 posts

A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been rated as critical. This issue affects the function formRoute of the file /boafrm/formRoute. The manipulation of the argument subnet leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6372
(8.8 HIGH)

EPSS: 0.03%

updated 2025-06-21T00:30:38

2 posts

A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.06B01. This affects the function formSetWizard1 of the file /goform/formSetWizard1. The manipulation of the argument curTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6371
(8.8 HIGH)

EPSS: 0.06%

updated 2025-06-21T00:30:38

2 posts

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affe

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6370
(8.8 HIGH)

EPSS: 0.03%

updated 2025-06-21T00:30:38

2 posts

A vulnerability classified as critical was found in D-Link DIR-619L 2.06B01. Affected by this vulnerability is the function formWlanGuestSetup of the file /goform/formWlanGuestSetup. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects product

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6368
(8.8 HIGH)

EPSS: 0.03%

updated 2025-06-21T00:30:37

2 posts

A vulnerability was found in D-Link DIR-619L 2.06B01. It has been rated as critical. This issue affects the function formSetEmail of the file /goform/formSetEmail. The manipulation of the argument curTime/config.smtp_email_subject leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6369
(8.8 HIGH)

EPSS: 0.03%

updated 2025-06-21T00:30:37

2 posts

A vulnerability classified as critical has been found in D-Link DIR-619L 2.06B01. Affected is the function formdumpeasysetup of the file /goform/formdumpeasysetup. The manipulation of the argument curTime/config.save_network_enabled leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability on

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-6367
(8.8 HIGH)

EPSS: 0.03%

updated 2025-06-20T21:32:14

2 posts

A vulnerability was found in D-Link DIR-619L 2.06B01. It has been declared as critical. This vulnerability affects unknown code of the file /goform/formSetDomainFilter. The manipulation of the argument curTime/sched_name_%d/url_%d leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-34024(CVSS UNKNOWN)

EPSS: 0.64%

updated 2025-06-20T21:32:14

2 posts

An OS command injection vulnerability exists in the Edimax EW-7438RPn firmware version 1.13 and prior via the mp.asp form handler. The /goform/mp endpoint improperly handles user-supplied input to the command parameter. An authenticated attacker can inject shell commands using shell metacharacters to achieve arbitrary command execution as the root user.

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-34022(CVSS UNKNOWN)

EPSS: 0.26%

updated 2025-06-20T21:32:13

2 posts

A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The /common/get_file.php script in the “Download Archive in Storage” page fails to properly validate user-supplied input to the file parameter. Unauthenticated remote attackers can

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-34021(CVSS UNKNOWN)

EPSS: 0.06%

updated 2025-06-20T21:32:13

2 posts

A server-side request forgery (SSRF) vulnerability exists in multiple Selea Targa IP OCR-ANPR camera models, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The application fails to validate user-supplied input in JSON POST parameters such as ipnotify_address and url, which are used by internal mechanisms to perform ima

cR0w at 2025-06-30T20:26:54.281Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

cR0w@infosec.exchange at 2025-06-30T20:26:54.000Z ##

Everyone likes vulnerable network devices, right? Cool. Have fun. And as always, poke around the linked repos for more goodies.

Linksys:

exploit-db.com/exploits/31683

nvd.nist.gov/vuln/detail/CVE-2

github.com/CH13hh/tmp_store_cc

nvd.nist.gov/vuln/detail/CVE-2

github.com/feiwuxingxie/cve/bl

nvd.nist.gov/vuln/detail/CVE-2

D-Link:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

github.com/Synmac05/CVE-adviso

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/threat9/routersploi

nvd.nist.gov/vuln/detail/CVE-2

kdev.site/2025/04/02/d-link-82

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603693

nvd.nist.gov/vuln/detail/CVE-2

vuldb.com/?submit.603692

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

github.com/2664521593/mycve/bl

nvd.nist.gov/vuln/detail/CVE-2

Netgear:

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

github.com/xiaobor123/vul-find

nvd.nist.gov/vuln/detail/CVE-2

TOTOLINK:

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/c0nyy/IoT_vuln/blob

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/wudipjq/my_vuln/blo

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

github.com/awindog/cve/blob/ma

nvd.nist.gov/vuln/detail/CVE-2

Tenda:

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

lavender-bicycle-a5a.notion.si

nvd.nist.gov/vuln/detail/CVE-2

Edimax:

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

exploit-db.com/exploits/48377

nvd.nist.gov/vuln/detail/CVE-2

UTT:

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

github.com/d2pq/cve/blob/main/

nvd.nist.gov/vuln/detail/CVE-2

Advantech:

jro.sg/CVEs/CVE-2025-48469/

csa.gov.sg/alerts-and-advisori

nvd.nist.gov/vuln/detail/CVE-2

OptiLink:

exploit-db.com/exploits/49955

nvd.nist.gov/vuln/detail/CVE-2

Sapidio:

twcert.org.tw/tw/cp-132-10197-

nvd.nist.gov/vuln/detail/CVE-2

twcert.org.tw/tw/cp-132-10196-

nvd.nist.gov/vuln/detail/CVE-2

WIFISKY:

s4e.io/tools/wifisky-7-layer-f

nvd.nist.gov/vuln/detail/CVE-2

Vacron NVR:

ssd-disclosure.com/ssd-advisor

nvd.nist.gov/vuln/detail/CVE-2

Beward IP Camera:

cxsecurity.com/issue/WLB-20190

nvd.nist.gov/vuln/detail/CVE-2

Selea Targa IP Cameras:

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cxsecurity.com/issue/WLB-20210

nvd.nist.gov/vuln/detail/CVE-2

cc: @Dio9sys @da_667

##

CVE-2025-33117
(9.1 CRITICAL)

EPSS: 0.06%

updated 2025-06-19T18:31:56

1 posts

IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configuration files that would allow the upload of a malicious autoupdate file to execute arbitrary commands.

beyondmachines1@infosec.exchange at 2025-06-21T20:01:48.000Z ##

IBM reports multiple flawa in QRadar SIEM, at least one critical

IBM has disclosed multiple vulnerabilities in its QRadar SIEM platform, including a critical flaw (CVE-2025-33117) that allows privileged users to execute arbitrary commands through malicious file uploads and configuration modifications. The company has released patches in QRadar SIEM version 7.5.0 UP12 IF02 and urges immediate updates.

**If you're running IBM QRadar SIEM, plan an update to version 7.5.0 UP12 IF02. There is at least one critical patch to fix, but it's not a panic mode since it does require authentication and privileges within the system to be exploited. Just don't ignore the patch, someone will eventually abuse the flaws.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-20260
(9.8 CRITICAL)

EPSS: 0.14%

updated 2025-06-18T18:30:39

1 posts

A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service (DoS) condition, or execute arbitrary code on an affected device. This vulnerability exists because memory buffers are allocated incorrectly when PDF files are processed. An attacker could exploit this vulnerability by submitting a

marreg@digitalcourage.social at 2025-06-21T07:22:24.000Z ##

ClamAV 1.4.3 and 1.0.9 security patch versions published

Today, we are publishing the 1.4.3 and 1.0.9 security patch versions.

[....]

* CVE-2025-20260: Fixed a possible buffer overflow write bug in the PDF
file parser that could cause a denial-of-service (DoS) condition or
enable remote code execution.

This issue only affects configurations where both:

The max file-size scan limit is set greater than or equal to 1024MB.
The max scan-size scan limit is set greater than or equal to 1025MB.

The code flaw was present prior to version 1.0.0, but a change in
version 1.0.0 that enables larger allocations based on untrusted data
made it possible to trigger this bug.

This issue affects all currently supported versions. It will be fixed in:

1.4.3
1.0.9

Thank you to Greg Walkup at Sandia National Labs for identifying this issue.

blog.clamav.net/2025/06/clamav

##

CVE-2023-0386
(7.8 HIGH)

EPSS: 57.63%

updated 2025-06-18T15:00:59.680000

2 posts

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

14 repos

https://github.com/sxlmnwb/CVE-2023-0386

https://github.com/AiK1d/CVE-2023-0386

https://github.com/letsr00t/CVE-2023-0386

https://github.com/EstamelGG/CVE-2023-0386-libs

https://github.com/bchevCH/CVE-2023-0386

https://github.com/orilevy8/cve-2023-0386

https://github.com/xkaneiki/CVE-2023-0386

https://github.com/veritas501/CVE-2023-0386

https://github.com/Anekant-Singhai/Exploits

https://github.com/puckiestyle/CVE-2023-0386

https://github.com/Satheesh575555/linux-4.19.72_CVE-2023-0386

https://github.com/chenaotian/CVE-2023-0386

https://github.com/Fanxiaoyao66/CVE-2023-0386

https://github.com/churamanib/CVE-2023-0386

linux@activitypub.awakari.com at 2025-06-18T12:05:58.000Z ## CISA Flags CVE-2023-0386 as Actively Exploited Linux Kernel Privilege Escalation Threat The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about the active exploitation of ...

#Firewall #Daily #Cyber #News #Vulnerabilities #CVE-2023-0386 #Linux #kernel #Linux #Kernel #Privilege

Origin | Interest | Match ##

linux@activitypub.awakari.com at 2025-06-18T12:05:58.000Z ## CISA Flags CVE-2023-0386 as Actively Exploited Linux Kernel Privilege Escalation Threat The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about the active exploitation of ...

#Firewall #Daily #Cyber #News #Vulnerabilities #CVE-2023-0386 #Linux #kernel #Linux #Kernel #Privilege

Origin | Interest | Match ##

CVE-2025-49825
(9.8 CRITICAL)

EPSS: 0.24%

updated 2025-06-18T14:15:12

3 posts

### Impact A full technical disclosure and open-source patch will be published after the embargo period, ending on June 30th, to allow all users to upgrade. Teleport security engineers identified a critical security vulnerability that could allow remote authentication bypass of Teleport. Teleport Cloud Infrastructure and CI/CD build, test, and release infrastructure aren’t affected. For the

beyondmachines1@infosec.exchange at 2025-06-24T10:01:37.000Z ##

Critical remote authentication bypass flaw reported in Teleport access management platform

Teleport has disclosed a critical authentication bypass vulnerability (CVE-2025-49825) that allows remote attackers to completely bypass authentication controls and gain unauthorized access to servers, databases, and cloud applications managed through the platform. The company has released patches across all supported major releases and urges immediate manual upgrades for self-hosted deployments. Teleport is withholding technical details under embargo until June 30, 2025 to achieve higher update coverage.

**If you use self-hosted Teleport for infrastructure access, this is urgent and important. Immediately update to the latest patched version for your branch (17.5.2, 16.5.12, 15.5.3, 14.4.1, 13.4.27, or 12.4.35). Make sure to update both your Teleport proxy servers AND all agents - the vulnerability isn't fully patched until both components are upgraded.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

Kubernetes@activitypub.awakari.com at 2025-06-23T16:05:56.000Z ## Critical Teleport Vulnerability Let Attackers Remotely Bypass Authentication Controls A critical vulnerability, designated as CVE-2025-49825 that enables attackers to remotely bypass authentication...

#Cyber #Security #Cyber #Security #News #Vulnerability

Origin | Interest | Match ##

Kubernetes@activitypub.awakari.com at 2025-06-23T14:29:53.000Z ## Critical Teleport Flaw Lets Attackers Bypass Authentication Remotely Teleport security engineers have disclosed a critical vulnerability (CVE-2025-49825) allowing remote attackers to bypass SSH aut...

#Cyber #Security #News #Cybersecurity #Vulnerability #Cyber #Security #Cyber #security #news #vulnerability

Origin | Interest | Match ##

CVE-2025-5349
(0 None)

EPSS: 0.03%

updated 2025-06-17T20:50:23.507000

2 posts

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway

GossiTheDog@cyberplace.social at 2025-06-25T12:48:23.000Z ##

Citrix on this one:

"At this time, there have been no reports or indications that the vulnerabilities described in CTX693420 (CVE-2025-5349 and CVE-2025-5777) are being actively exploited in the wild. However, due to the critical severity of these issues (CVSS scores of 8.7 and 9.3), We strongly recommends that affected customers apply the updated patches immediately to mitigate any potential risks."

##

beyondmachines1@infosec.exchange at 2025-06-23T12:01:23.000Z ##

Critical vulnerabilities discovered in Citrix NetScaler ADC and Gateway products

Citrix has patched two critical vulnerabilities in NetScaler ADC and Gateway products, including an unauthenticated memory overread flaw (CVE-2025-5777) that could expose sensitive data and an access control bypass on the management interface (CVE-2025-5349). The company strongly urges updates for customer-managed instances.

**If you have self-hosted Citrix NetScaler ADC or Gateway, check if your version is still supported and apply the security patches. This is especially important if your Citrix functions as a gateway/VPN server. Take note that versions 12.1 and 13.0 are end-of-life with no fixes available. After patching, restart all active user sessions to clear any potential compromises from these critical vulnerabilities.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-5777(CVSS UNKNOWN)

EPSS: 0.06%

updated 2025-06-17T15:31:16

13 posts

Insufficient input validation leading to memory overread on the NetScaler Management Interface NetScaler ADC and NetScaler Gateway

2 repos

https://github.com/mingshenhk/CitrixBleed-2-CVE-2025-5777-PoC-

https://github.com/nagenar/CVE-2025-5777-Session-Hijack

cisakevtracker@mastodon.social at 2025-06-30T18:00:49.000Z ##

CVE ID: CVE-2025-6543
Vendor: Citrix
Product: NetScaler ADC and Gateway
Date Added: 2025-06-30
Notes: support.citrix.com/support-hom ; netscaler.com/blog/news/netsca ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

cisakevtracker@mastodon.social at 2025-06-30T18:00:49.000Z ##

CVE ID: CVE-2025-6543
Vendor: Citrix
Product: NetScaler ADC and Gateway
Date Added: 2025-06-30
Notes: support.citrix.com/support-hom ; netscaler.com/blog/news/netsca ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

jos1264@social.skynetcloud.site at 2025-06-30T13:05:02.000Z ##

CitrixBleed 2 might be actively exploited (CVE-2025-5777) helpnetsecurity.com/2025/06/30 #vulnerability #enterprise #ReliaQuest #Don'tmiss #NetScaler #Hotstuff #Censys #Citrix #News

##

jos1264@social.skynetcloud.site at 2025-06-29T05:30:02.000Z ##

CVE-2025-5777, CVE-2025-6543: Frequently Asked Questions About CitrixBleed 2 and Citrix NetScaler Exploitation – Source: securityboulevard.com ciso2ciso.com/cve-2025-5777-cv #rssfeedpostgeneratorecho #SecurityBloggersNetwork #CyberSecurityNews #SecurityBoulevard

##

nopatience@swecyb.com at 2025-06-28T20:17:24.000Z ##

I love how statements like:

"Currently, there is no evidence to suggest exploitation of CVE-2025-5777."

... is NOT comforting at all. It pretty much sounds just like... "we found NO vulnerabilities in our LLM-generated application".

... and how on earth would Netscaler see targeted exploitation? Exactly... Netscaler wouldn't, you might however with appropriate monitoring.

netscaler.com/blog/news/netsca

#CitrixBleed2 #CVE_2025_5777 #Cybersecurity

##

beyondmachines1@infosec.exchange at 2025-06-28T15:01:26.000Z ##

Critical Citrix Netscaler "Citrix Bleed 2" flaw actively exploited

A critical vulnerability in Citrix NetScaler devices, dubbed "Citrix Bleed 2" (CVE-2025-5777), is now being actively exploited by threat actors according to ReliaQuest, raising concerns of a repeat of the devastating 2023 "Citrix Bleed" campaign that affected major companies like Boeing and Comcast's 36 million customers.

**This is now important and URGENT. Your Citrix NetScaler ADC or Gateway, exposed on the internet, they are actively attacked and exploited. After patching, you must terminate all active ICA and PCoIP sessions since they may already be compromised by attackers.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

gtronix@infosec.exchange at 2025-06-27T15:00:34.000Z ##

Citrix Bleed 2 flaw now believed to be exploited in attacks

[...] A critical NetScaler ADC and Gateway vulnerability dubbed "Citrix Bleed 2" (CVE-2025-5777) is now likely exploited in attacks, according to cybersecurity firm ReliaQuest, seeing an increase in suspicious sessions on Citrix devices.

bleepingcomputer.com/news/secu

#Cybersecurity

##

oversecurity@mastodon.social at 2025-06-27T14:41:12.000Z ##

Citrix Bleed 2 flaw now believed to be exploited in attacks

A critical NetScaler ADC and Gateway vulnerability dubbed "Citrix Bleed 2" (CVE-2025-5777) is now likely exploited in attacks, according to...

🔗️ [Bleepingcomputer] link.is.it/uEldK5

##

GossiTheDog@cyberplace.social at 2025-06-25T12:48:23.000Z ##

Citrix on this one:

"At this time, there have been no reports or indications that the vulnerabilities described in CTX693420 (CVE-2025-5349 and CVE-2025-5777) are being actively exploited in the wild. However, due to the critical severity of these issues (CVSS scores of 8.7 and 9.3), We strongly recommends that affected customers apply the updated patches immediately to mitigate any potential risks."

##

GossiTheDog@cyberplace.social at 2025-06-24T14:26:57.000Z ##

An update on CVE-2025-5777, explaining why orgs should identify systems and patch.

doublepulsar.com/citrixbleed-2

##

beyondmachines1@infosec.exchange at 2025-06-23T12:01:23.000Z ##

Critical vulnerabilities discovered in Citrix NetScaler ADC and Gateway products

Citrix has patched two critical vulnerabilities in NetScaler ADC and Gateway products, including an unauthenticated memory overread flaw (CVE-2025-5777) that could expose sensitive data and an access control bypass on the management interface (CVE-2025-5349). The company strongly urges updates for customer-managed instances.

**If you have self-hosted Citrix NetScaler ADC or Gateway, check if your version is still supported and apply the security patches. This is especially important if your Citrix functions as a gateway/VPN server. Take note that versions 12.1 and 13.0 are end-of-life with no fixes available. After patching, restart all active user sessions to clear any potential compromises from these critical vulnerabilities.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

jos1264@social.skynetcloud.site at 2025-06-23T11:20:02.000Z ##

Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777) helpnetsecurity.com/2025/06/23 #securityupdate #vulnerability #enterprise #Don'tmiss #NetScaler #Hotstuff #Citrix #News

##

deepthoughts10@infosec.exchange at 2025-06-23T00:57:32.000Z ##

I don't know who uses #Citrix Netscalers any longer, but if you do, you've got some work to do to ensure that they are secure. The post describes the work you have to do -- in addition to applying the appropriate patches -- to address recent vulnerabilities. #cybersecurity

deyda.net/index.php/en/2025/06

##

CVE-2023-33538
(8.8 HIGH)

EPSS: 90.63%

updated 2025-06-16T21:32:22

1 posts

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm .

2 repos

https://github.com/explxx/CVE-2023-33538

https://github.com/mrowkoob/CVE-2023-33538-msf

linux@activitypub.awakari.com at 2025-06-21T14:20:55.000Z ## Propust u TP-Link ruteru CVE-2023-33538 pod aktivnim napadom, CISA izdala hitno upozorenje Propusti na TP-Link i Zyxel ruterima su meta aktivnih napada, ugrožavaju korisnike širom svijeta i drža...

#Ranjivosti

Origin | Interest | Match ##

CVE-2025-36852(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-06-10T21:31:31

1 posts

A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache (such as those using Amazon S3, Google Cloud Storage, or similar object storage) that allows any contributor with pull request privileges to inject compromised artifacts from an untrusted environment into trusted production environments without detection.  The vulner

beyondmachines1@infosec.exchange at 2025-06-27T08:01:25.000Z ##

Critical build cache flaw exposes organizations to production code injection attacks

Security researchers at Nx have disclosed a critical vulnerability (CVE-2025-36852) nicknamed "CREEP" that exploits the "first-to-cache wins" principle in remote caching systems, allowing any developer with pull request access to inject malicious code into production environments through race conditions in shared build cache infrastructure. The vulnerability affects organizations using popular build tools with remote caching on platforms like Amazon S3 and Google Cloud Storage.

**If your CI/CD system uses remote caching (like S3 or Google Cloud Storage) review whether pull request builds can write to the same cache used by production builds. You may not want to do anything and be optimistic, but ideally consider disabling cache writes from untrusted pull request environments or implement isolated cache namespaces so PRs can only read from production cache but write to their own separate cache space.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2024-47081
(5.3 MEDIUM)

EPSS: 0.06%

updated 2025-06-09T19:06:12

1 posts

### Impact Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. ### Workarounds For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on your Requests Session ([docs](https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env)). ### References https

mmguero@infosec.exchange at 2025-06-23T16:36:25.000Z ##

Malcolm v25.06.0 includes a some new and oft-requested features, bug fixes, and component version bumps.

Compare v25.05.0 to v25.06.0

NOTE: As this Malcolm release enables the OpenSearch Security Plugin as described below, even inter-container access to OpenSearch must now be authenticated when using Malcolm's embedded OpenSearch instance. To accomplish this, an internal-use-only account and password is used for connecting to OpenSearch by Malcolm's other components as needed. This credential (saved in .opensearch.primary.curlrc in the Malcolm installation directory) needs to be generated before Malcolm starts up the first time after upgrading. To do so, please run ./scripts/auth_setup and select (Re)generate internal passwords for local primary OpenSearch instance. This credential is only used internally for OpenSearch and cannot be used to remotely access Malcolm.

  • ✨ Features and enhancements
    • This release adds role-based access control (RBAC) to Malcolm (cisagov/Malcolm#460).
      • Malcolm's RBAC feature is based on Keycloak realm roles and is implemented in to layers:
        1. Whenever possible, Malcolm's backend Keycloak realm roles are mapped to the roles/groups/permissions features provided by the components that make up Malcolm (see release notes for details)
        2. For other Malcolm components that don't implement their own permission management systems, Malcolm handles the enforcement roles based on request URIs in its NGINX proxy layer.
      • This is an optional feature. RBAC is only available when the authentication method is keycloak or keycloak_remote. With other authentication methods such as HTTP basic or LDAP, or when RBAC is disabled, all Malcolm users effectively have administrator privileges.
      • Because the OpenSearch Security Plugin requires TLS even internally, Malcolm's internal connections to the embedded OpenSearch instance, when used, are now all performed over HTTPS. However, this is all handled internally and should not behave or appear different to the user than it did in previous versions.
      • See the role-based access control documentation for more information on this feature.
    • Malcolm's embedded KeyCloak instance now automatically creates and configures the default client by ID, if specified in ./config/keycloak.env.
    • Allow user to specify subnet filters for NetBox autopopulation (cisagov/Malcolm#634)
      • This feature is especially useful for excluding dynamic address ranges such as those used by DHCP, which should generally not trigger autopopulation in NetBox. Since these addresses can change frequently and aren't tied to specific devices, including them could result in inaccurate or noisy inventory data. By fine-tuning which private subnets are included or excluded, users can ensure that only meaningful, typically static assignments are autopopulated.
    • Expose init arguments for Arkime's db.pl and also use them for Malcolm's creation of its own index templates (cisagov/Malcolm#692)
    • Extend Zeek's intel.log with additional fields using corelight/ExtendIntel (part 1) (cisagov/Malcolm#502)
      • This integrates the corelight/ExtendIntel plugin into Malcolm internally but does not significantly change how Malcolm presents intel.log to the user. Further work to do so will be continued in cisagov/Malcolm#695.
    • Some internal tweaks to the PCAP processing pipeline that are going to be leveraged by the Malcolm-Helm project (idaholab/Malcolm#630)
    • Handle a fix in the ICSNPP OPCUA-Binary plugin that adds a new sec_token_id field (cisagov/icsnpp-opcua-binary#101)
    • Moved the configuration for Zeek's use of the zeek-kafka plugin to its own file (kafka.zeek) to make it easier to override in Docker using a volume bind mount or in K8s using a configMap.
    • Changed some internal objects used for NetBox enrichment caching from Ruby's Concurrent::Hash to Concurrent::Map for better performance
    • Minor improvements to the icons, shortcuts, and convenience bash functions in the ISO-installed Malcolm desktop environment
    • NGINX now generates a robots.txt file to avoid web crawlers
  • ✅ Component version updates
  • 🐛 Bug fixes
    • NetBox autodiscovery no longer populating host name from DNS, DHCP, NTLM (regression, cisagov/Malcolm#699)
    • documentation served at /readme is trying to pull fonts from use.fontawesome.com (cisagov/Malcolm#694)
    • support fractional gigabytes correctly when generating Arkime's config.ini setting maxFileSizeG from PCAP_ROTATE_MEGABYTES
    • Improved logstash filters that calculate unique hashes used as document IDs for Zeek and Suricata logs to better prevent duplicate logs from being written to the document store
  • 🧹 Code and project maintenance
    • Tweaked some code comments and documentation to bring the cisagov and idaholab repos into harmony.
    • Documentation improvements
    • Removed some unused files and outdated comments

Malcolm is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻‍♀️.

Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, Podman 🦭, and Kubernetes ⎈. Check out the Quick Start guide for examples on how to get up and running.

Alternatively, dedicated official ISO installer images 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's releases page on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (release_cleaver.sh) and PowerShell 🪟 (release_cleaver.ps1). See Downloading Malcolm - Installer ISOs for instructions.

As always, join us on the Malcolm discussions board 💬 to engage with the community, or pop some corn 🍿 and watch a video 📼.

#Malcolm #HedgehogLinux #rbac #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL #DHS #CISA #CISAgov

##

CVE-2025-20130
(4.9 MEDIUM)

EPSS: 0.04%

updated 2025-06-05T20:12:23.777000

1 posts

A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request t

AAKL@infosec.exchange at 2025-06-24T15:52:02.000Z ##

Cisco posted this yesterday:

Cisco Identity Services Engine Arbitrary File Upload Vulnerability - CVE-2025-20130 (medium) sec.cloudapps.cisco.com/securi @TalosSecurity #cybersecurity #infosec

##

CVE-2025-4322
(9.8 CRITICAL)

EPSS: 24.99%

updated 2025-05-21T20:25:16.407000

1 posts

The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user passwords, including those of administrators, and leverage that to gain access to the

Nuclei template

3 repos

https://github.com/IndominusRexes/CVE-2025-4322-Exploit

https://github.com/B1ack4sh/Blackash-CVE-2025-4322

https://github.com/Yucaerin/CVE-2025-4322

beyondmachines1@infosec.exchange at 2025-06-22T09:01:49.000Z ##

Active exploitation of critically vulnerable WordPress Motors theme

WordPress sites using the "Motors" automotive theme are under active attack through a critical privilege escalation vulnerability (CVE-2025-4322) that allows unauthenticated attackers to hijack administrator accounts by changing passwords without proper validation. Since mass exploitation began on June 7, 2025, Wordfence has blocked over 23,100 exploit attempts.

**If you are running Motors theme on your Wordpress, update IMMEDIATELY! Your site is vulnerable and hackers are attacking it. Don't delay this one, it urgent and important!**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2025-4428
(7.2 HIGH)

EPSS: 21.12%

updated 2025-05-21T18:45:24.800000

1 posts

Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests.

2 repos

https://github.com/xie-22/CVE-2025-4428

https://github.com/watchtowrlabs/watchTowr-vs-Ivanti-EPMM-CVE-2025-4427-CVE-2025-4428

malmoeb@infosec.exchange at 2025-06-21T09:33:32.000Z ##

During various Ivanti Endpoint Manager Mobile investigations (CVE-2025-4428), we (as others in our field) saw that the threat actors dumped heap memory from the Tomcat Java processes using jcmd, in order to search the dumped data for sensitive information.

Have others seen this behavior in other campaigns, from other actors? Dumping heap memory to steal sensitive information? Elastic, for example, does not have an (open source) rule for jcmd.

Example command:
ps ax | grep java | grep tomcat | awk '{print $1}' | while read p; do jcmd $p GC.heap_dump /tmp/th.$p; done;

##

CVE-2024-6866
(5.3 MEDIUM)

EPSS: 0.05%

updated 2025-05-17T18:55:58

1 posts

corydolphin/flask-cors version 5.0.1 contains a vulnerability where the request path matching is case-insensitive due to the use of the `try_match` function, which is originally intended for matching hosts. This results in a mismatch because paths in URLs are case-sensitive, but the regex matching treats them as case-insensitive. This misconfiguration can lead to significant security vulnerabiliti

mmguero@infosec.exchange at 2025-06-23T16:36:25.000Z ##

Malcolm v25.06.0 includes a some new and oft-requested features, bug fixes, and component version bumps.

Compare v25.05.0 to v25.06.0

NOTE: As this Malcolm release enables the OpenSearch Security Plugin as described below, even inter-container access to OpenSearch must now be authenticated when using Malcolm's embedded OpenSearch instance. To accomplish this, an internal-use-only account and password is used for connecting to OpenSearch by Malcolm's other components as needed. This credential (saved in .opensearch.primary.curlrc in the Malcolm installation directory) needs to be generated before Malcolm starts up the first time after upgrading. To do so, please run ./scripts/auth_setup and select (Re)generate internal passwords for local primary OpenSearch instance. This credential is only used internally for OpenSearch and cannot be used to remotely access Malcolm.

  • ✨ Features and enhancements
    • This release adds role-based access control (RBAC) to Malcolm (cisagov/Malcolm#460).
      • Malcolm's RBAC feature is based on Keycloak realm roles and is implemented in to layers:
        1. Whenever possible, Malcolm's backend Keycloak realm roles are mapped to the roles/groups/permissions features provided by the components that make up Malcolm (see release notes for details)
        2. For other Malcolm components that don't implement their own permission management systems, Malcolm handles the enforcement roles based on request URIs in its NGINX proxy layer.
      • This is an optional feature. RBAC is only available when the authentication method is keycloak or keycloak_remote. With other authentication methods such as HTTP basic or LDAP, or when RBAC is disabled, all Malcolm users effectively have administrator privileges.
      • Because the OpenSearch Security Plugin requires TLS even internally, Malcolm's internal connections to the embedded OpenSearch instance, when used, are now all performed over HTTPS. However, this is all handled internally and should not behave or appear different to the user than it did in previous versions.
      • See the role-based access control documentation for more information on this feature.
    • Malcolm's embedded KeyCloak instance now automatically creates and configures the default client by ID, if specified in ./config/keycloak.env.
    • Allow user to specify subnet filters for NetBox autopopulation (cisagov/Malcolm#634)
      • This feature is especially useful for excluding dynamic address ranges such as those used by DHCP, which should generally not trigger autopopulation in NetBox. Since these addresses can change frequently and aren't tied to specific devices, including them could result in inaccurate or noisy inventory data. By fine-tuning which private subnets are included or excluded, users can ensure that only meaningful, typically static assignments are autopopulated.
    • Expose init arguments for Arkime's db.pl and also use them for Malcolm's creation of its own index templates (cisagov/Malcolm#692)
    • Extend Zeek's intel.log with additional fields using corelight/ExtendIntel (part 1) (cisagov/Malcolm#502)
      • This integrates the corelight/ExtendIntel plugin into Malcolm internally but does not significantly change how Malcolm presents intel.log to the user. Further work to do so will be continued in cisagov/Malcolm#695.
    • Some internal tweaks to the PCAP processing pipeline that are going to be leveraged by the Malcolm-Helm project (idaholab/Malcolm#630)
    • Handle a fix in the ICSNPP OPCUA-Binary plugin that adds a new sec_token_id field (cisagov/icsnpp-opcua-binary#101)
    • Moved the configuration for Zeek's use of the zeek-kafka plugin to its own file (kafka.zeek) to make it easier to override in Docker using a volume bind mount or in K8s using a configMap.
    • Changed some internal objects used for NetBox enrichment caching from Ruby's Concurrent::Hash to Concurrent::Map for better performance
    • Minor improvements to the icons, shortcuts, and convenience bash functions in the ISO-installed Malcolm desktop environment
    • NGINX now generates a robots.txt file to avoid web crawlers
  • ✅ Component version updates
  • 🐛 Bug fixes
    • NetBox autodiscovery no longer populating host name from DNS, DHCP, NTLM (regression, cisagov/Malcolm#699)
    • documentation served at /readme is trying to pull fonts from use.fontawesome.com (cisagov/Malcolm#694)
    • support fractional gigabytes correctly when generating Arkime's config.ini setting maxFileSizeG from PCAP_ROTATE_MEGABYTES
    • Improved logstash filters that calculate unique hashes used as document IDs for Zeek and Suricata logs to better prevent duplicate logs from being written to the document store
  • 🧹 Code and project maintenance
    • Tweaked some code comments and documentation to bring the cisagov and idaholab repos into harmony.
    • Documentation improvements
    • Removed some unused files and outdated comments

Malcolm is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻‍♀️.

Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, Podman 🦭, and Kubernetes ⎈. Check out the Quick Start guide for examples on how to get up and running.

Alternatively, dedicated official ISO installer images 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's releases page on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (release_cleaver.sh) and PowerShell 🪟 (release_cleaver.ps1). See Downloading Malcolm - Installer ISOs for instructions.

As always, join us on the Malcolm discussions board 💬 to engage with the community, or pop some corn 🍿 and watch a video 📼.

#Malcolm #HedgehogLinux #rbac #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL #DHS #CISA #CISAgov

##

CVE-2024-6844
(5.3 MEDIUM)

EPSS: 0.05%

updated 2025-05-17T18:54:45

1 posts

A vulnerability in corydolphin/flask-cors version 5.0.1 allows for inconsistent CORS matching due to the handling of the '+' character in URL paths. The request.path is passed through the unquote_plus function, which converts the '+' character to a space ' '. This behavior leads to incorrect path normalization, causing potential mismatches in CORS configuration. As a result, endpoints may not be m

mmguero@infosec.exchange at 2025-06-23T16:36:25.000Z ##

Malcolm v25.06.0 includes a some new and oft-requested features, bug fixes, and component version bumps.

Compare v25.05.0 to v25.06.0

NOTE: As this Malcolm release enables the OpenSearch Security Plugin as described below, even inter-container access to OpenSearch must now be authenticated when using Malcolm's embedded OpenSearch instance. To accomplish this, an internal-use-only account and password is used for connecting to OpenSearch by Malcolm's other components as needed. This credential (saved in .opensearch.primary.curlrc in the Malcolm installation directory) needs to be generated before Malcolm starts up the first time after upgrading. To do so, please run ./scripts/auth_setup and select (Re)generate internal passwords for local primary OpenSearch instance. This credential is only used internally for OpenSearch and cannot be used to remotely access Malcolm.

  • ✨ Features and enhancements
    • This release adds role-based access control (RBAC) to Malcolm (cisagov/Malcolm#460).
      • Malcolm's RBAC feature is based on Keycloak realm roles and is implemented in to layers:
        1. Whenever possible, Malcolm's backend Keycloak realm roles are mapped to the roles/groups/permissions features provided by the components that make up Malcolm (see release notes for details)
        2. For other Malcolm components that don't implement their own permission management systems, Malcolm handles the enforcement roles based on request URIs in its NGINX proxy layer.
      • This is an optional feature. RBAC is only available when the authentication method is keycloak or keycloak_remote. With other authentication methods such as HTTP basic or LDAP, or when RBAC is disabled, all Malcolm users effectively have administrator privileges.
      • Because the OpenSearch Security Plugin requires TLS even internally, Malcolm's internal connections to the embedded OpenSearch instance, when used, are now all performed over HTTPS. However, this is all handled internally and should not behave or appear different to the user than it did in previous versions.
      • See the role-based access control documentation for more information on this feature.
    • Malcolm's embedded KeyCloak instance now automatically creates and configures the default client by ID, if specified in ./config/keycloak.env.
    • Allow user to specify subnet filters for NetBox autopopulation (cisagov/Malcolm#634)
      • This feature is especially useful for excluding dynamic address ranges such as those used by DHCP, which should generally not trigger autopopulation in NetBox. Since these addresses can change frequently and aren't tied to specific devices, including them could result in inaccurate or noisy inventory data. By fine-tuning which private subnets are included or excluded, users can ensure that only meaningful, typically static assignments are autopopulated.
    • Expose init arguments for Arkime's db.pl and also use them for Malcolm's creation of its own index templates (cisagov/Malcolm#692)
    • Extend Zeek's intel.log with additional fields using corelight/ExtendIntel (part 1) (cisagov/Malcolm#502)
      • This integrates the corelight/ExtendIntel plugin into Malcolm internally but does not significantly change how Malcolm presents intel.log to the user. Further work to do so will be continued in cisagov/Malcolm#695.
    • Some internal tweaks to the PCAP processing pipeline that are going to be leveraged by the Malcolm-Helm project (idaholab/Malcolm#630)
    • Handle a fix in the ICSNPP OPCUA-Binary plugin that adds a new sec_token_id field (cisagov/icsnpp-opcua-binary#101)
    • Moved the configuration for Zeek's use of the zeek-kafka plugin to its own file (kafka.zeek) to make it easier to override in Docker using a volume bind mount or in K8s using a configMap.
    • Changed some internal objects used for NetBox enrichment caching from Ruby's Concurrent::Hash to Concurrent::Map for better performance
    • Minor improvements to the icons, shortcuts, and convenience bash functions in the ISO-installed Malcolm desktop environment
    • NGINX now generates a robots.txt file to avoid web crawlers
  • ✅ Component version updates
  • 🐛 Bug fixes
    • NetBox autodiscovery no longer populating host name from DNS, DHCP, NTLM (regression, cisagov/Malcolm#699)
    • documentation served at /readme is trying to pull fonts from use.fontawesome.com (cisagov/Malcolm#694)
    • support fractional gigabytes correctly when generating Arkime's config.ini setting maxFileSizeG from PCAP_ROTATE_MEGABYTES
    • Improved logstash filters that calculate unique hashes used as document IDs for Zeek and Suricata logs to better prevent duplicate logs from being written to the document store
  • 🧹 Code and project maintenance
    • Tweaked some code comments and documentation to bring the cisagov and idaholab repos into harmony.
    • Documentation improvements
    • Removed some unused files and outdated comments

Malcolm is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻‍♀️.

Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, Podman 🦭, and Kubernetes ⎈. Check out the Quick Start guide for examples on how to get up and running.

Alternatively, dedicated official ISO installer images 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's releases page on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (release_cleaver.sh) and PowerShell 🪟 (release_cleaver.ps1). See Downloading Malcolm - Installer ISOs for instructions.

As always, join us on the Malcolm discussions board 💬 to engage with the community, or pop some corn 🍿 and watch a video 📼.

#Malcolm #HedgehogLinux #rbac #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL #DHS #CISA #CISAgov

##

CVE-2025-4679
(6.5 MEDIUM)

EPSS: 0.05%

updated 2025-05-16T09:30:42

2 posts

A vulnerability in Synology Active Backup for Microsoft 365 allows remote authenticated attackers to obtain sensitive information via unspecified vectors.

beyondmachines1 at 2025-06-30T14:01:21.515Z ##

Vulnerability in Synology Active Backup for Microsoft 365 exposes credentials, enables unauthorized access to Teams chats

Security researchers discovered a vulnerability (CVE-2025-4679) in Synology's Active Backup for Microsoft 365 that exposed a master credential in HTTP redirects, allowing attackers to gain unauthorized access to sensitive Microsoft 365 data across all organizations using the popular backup solution with over 1.2 million installations.

**If you use Synology's Active Backup for Microsoft 365, be aware that a critical flaw exposed your Microsoft 365 data to potential unauthorized access until recently. Even though Synology says they've fixed it, check your Microsoft 365 audit logs for any suspicious access and ensure your Synology system is fully updated. If developing applications, check if any of your responses contains secrets that shouldn't be there.**

beyondmachines.net/event_detai

##

beyondmachines1@infosec.exchange at 2025-06-30T14:01:21.000Z ##

Vulnerability in Synology Active Backup for Microsoft 365 exposes credentials, enables unauthorized access to Teams chats

Security researchers discovered a vulnerability (CVE-2025-4679) in Synology's Active Backup for Microsoft 365 that exposed a master credential in HTTP redirects, allowing attackers to gain unauthorized access to sensitive Microsoft 365 data across all organizations using the popular backup solution with over 1.2 million installations.

**If you use Synology's Active Backup for Microsoft 365, be aware that a critical flaw exposed your Microsoft 365 data to potential unauthorized access until recently. Even though Synology says they've fixed it, check your Microsoft 365 audit logs for any suspicious access and ensure your Synology system is fully updated. If developing applications, check if any of your responses contains secrets that shouldn't be there.**
#cybersecurity #infosec #advisory #databreach
beyondmachines.net/event_detai

##

CVE-2023-20198
(10.0 CRITICAL)

EPSS: 94.03%

updated 2025-05-15T18:37:33.893000

1 posts

Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command

Nuclei template

30 repos

https://github.com/IceBreakerCode/CVE-2023-20198

https://github.com/securityphoenix/cisco-CVE-2023-20198-tester

https://github.com/emomeni/Simple-Ansible-for-CVE-2023-20198

https://github.com/alekos3/CVE_2023_20198_Remediator

https://github.com/RevoltSecurities/CVE-2023-20198

https://github.com/vulncheck-oss/cisco-ios-xe-implant-scanner

https://github.com/AhmedMansour93/Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198-

https://github.com/Vulnmachines/Cisco_CVE-2023-20198

https://github.com/Arshit01/CVE-2023-20198

https://github.com/ohlawd/CVE-2023-20198

https://github.com/ZephrFish/CVE-2023-20198-Checker

https://github.com/raystr-atearedteam/CVE-2023-20198-checker

https://github.com/alekos3/CVE_2023_20198_Detector

https://github.com/netbell/CVE-2023-20198-Fix

https://github.com/fox-it/cisco-ios-xe-implant-detection

https://github.com/G4sul1n/Cisco-IOS-XE-CVE-2023-20198

https://github.com/Tounsi007/CVE-2023-20198

https://github.com/smokeintheshell/CVE-2023-20198

https://github.com/JoyGhoshs/CVE-2023-20198

https://github.com/Pushkarup/CVE-2023-20198

https://github.com/mr-r3b00t/CVE-2023-20198-IOS-XE-Scanner

https://github.com/sanan2004/CVE-2023-20198

https://github.com/Shadow0ps/CVE-2023-20198-Scanner

https://github.com/W01fh4cker/CVE-2023-20198-RCE

https://github.com/iveresk/cve-2023-20198

https://github.com/kacem-expereo/CVE-2023-20198

https://github.com/Atea-Redteam/CVE-2023-20198

https://github.com/XiaomingX/cve-2023-20198-poc

https://github.com/sohaibeb/CVE-2023-20198

https://github.com/reket99/Cisco_CVE-2023-20198

letoams@defcon.social at 2025-06-23T21:20:28.000Z ##

Canadian Telco not patching year old RCE 🙄

“The Canadian Centre for Cyber Security and the FBI confirm that the Chinese state-sponsored 'Salt Typhoon' hacking group is also targeting Canadian telecommunication firms, breaching a telecom provider in February.

During the February 2025 incident, Salt Typhoon exploited the CVE-2023-20198 flaw, a critical Cisco IOS XE vulnerability allowing remote, unauthenticated attackers to create arbitrary accounts and gain admin-level privileges.”

bleepingcomputer.com/news/secu

##

CVE-2025-0133(CVSS UNKNOWN)

EPSS: 2.10%

updated 2025-05-14T21:31:25

1 posts

A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft—particularly if you enabled Clientl

Nuclei template

4 repos

https://github.com/wiseep/CVE-2025-0133

https://github.com/dodiorne/cve-2025-0133

https://github.com/ynsmroztas/-CVE-2025-0133-GlobalProtect-XSS

https://github.com/INTELEON404/CVE-2025-0133

SearchEngine@activitypub.awakari.com at 2025-06-28T06:45:26.000Z ## CVE-2025–0133 Made Easy — Find Vulnerable Assets in 2 Minutes 💥 CVE-2025–0133 Made Easy — Find Vulnerable Assets in 2 Minutes You don’t need fancy tools. You just need good ey...

#fofa #shodan #global-protect #recon

Origin | Interest | Match ##

CVE-2025-1087(CVSS UNKNOWN)

EPSS: 0.21%

updated 2025-05-09T12:31:40

1 posts

Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that allows attackers to execute arbitrary code. The vulnerability exists due to insufficient validation of user-supplied input when processing template strings, which can lead to arbitrary JavaScript execution in the context of the application.

beyondmachines1@infosec.exchange at 2025-06-21T19:01:48.000Z ##

Critical vulnerability in Insomnia API client enables arbitrary code execution

A critical template injection vulnerability (CVE-2025-1087) in the Insomnia API Client allows attackers to execute arbitrary code through malicious collection files, UI fields, or HTTP cookies. Researchers have successfully bypassed three separate mitigation attempts by Kong since February 2025. Despite multiple patches, the vulnerability remains exploitable in the latest version 11.2.0 as of June 2025.

**If you're using Insomnia API Client, consider switching to an alternative like Postman or Bruno since this code execution vulnerability has been bypassed multiple times despite vendor patches and can cause your computer to execute malicious code. If you must continue using Insomnia, never import collection files from untrusted sources and avoid sending requests to unknown servers that could inject malicious cookies.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-32011
(9.8 CRITICAL)

EPSS: 0.32%

updated 2025-05-02T15:31:52

1 posts

KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication bypass vulnerability where a remote attacker can bypass authentication to get access due to a path traversal.

certvde at 2025-06-30T10:30:18.593Z ##

VDE-2025-046
Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory

CVE-2025-32011, CVE-2025-35996, CVE-2025-36558

certvde.com/en/advisories/VDE-

pilz.csaf-tp.certvde.com/.well

##

CVE-2025-35996
(9.1 CRITICAL)

EPSS: 0.09%

updated 2025-05-02T15:31:45

1 posts

KUNBUS PiCtory version 2.11.1 and earlier are vulnerable when an authenticated remote attacker crafts a special filename that can be stored by API endpoints. That filename is later transmitted to the client in order to show a list of configuration files. Due to a missing escape or sanitization, the filename could be executed as HTML script tag resulting in a cross-site-scripting attack.

certvde at 2025-06-30T10:30:18.593Z ##

VDE-2025-046
Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory

CVE-2025-32011, CVE-2025-35996, CVE-2025-36558

certvde.com/en/advisories/VDE-

pilz.csaf-tp.certvde.com/.well

##

CVE-2025-36558
(6.1 MEDIUM)

EPSS: 0.06%

updated 2025-05-02T13:52:51.693000

1 posts

KUNBUS PiCtory version 2.11.1 and earlier are vulnerable to a cross-site-scripting attack via the sso_token used for authentication. If an attacker provides the user with a PiCtory URL containing an HTML script as an sso_token, that script will reply to the user and be executed.

certvde at 2025-06-30T10:30:18.593Z ##

VDE-2025-046
Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory

CVE-2025-32011, CVE-2025-35996, CVE-2025-36558

certvde.com/en/advisories/VDE-

pilz.csaf-tp.certvde.com/.well

##

CVE-2024-39931
(9.9 CRITICAL)

EPSS: 1.37%

updated 2025-04-10T13:43:51.257000

2 posts

Gogs through 0.13.0 allows deletion of internal files.

cR0w at 2025-06-30T20:03:10.613Z ##

Woohoo! Another perfect 10 from last week. And this could hit hard. 🥳

github.com/gogs/gogs/security/

sev:CRIT 10.0 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Gogs is an open source self-hosted Git service. Prior to version 0.13.3, it's still possible to delete files under the .git directory and achieve remote command execution due to an insufficient patch for CVE-2024-39931. Unprivileged user accounts can execute arbitrary commands on the Gogs instance with the privileges of the account specified by RUN_USER in the configuration. Allowing attackers to access and alter any users' code hosted on the same instance. This issue has been patched in version 0.13.3.

nvd.nist.gov/vuln/detail/CVE-2

##

cR0w@infosec.exchange at 2025-06-30T20:03:10.000Z ##

Woohoo! Another perfect 10 from last week. And this could hit hard. 🥳

github.com/gogs/gogs/security/

sev:CRIT 10.0 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Gogs is an open source self-hosted Git service. Prior to version 0.13.3, it's still possible to delete files under the .git directory and achieve remote command execution due to an insufficient patch for CVE-2024-39931. Unprivileged user accounts can execute arbitrary commands on the Gogs instance with the privileges of the account specified by RUN_USER in the configuration. Allowing attackers to access and alter any users' code hosted on the same instance. This issue has been patched in version 0.13.3.

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-1974
(9.8 CRITICAL)

EPSS: 87.05%

updated 2025-03-27T16:45:46.410000

1 posts

A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

Nuclei template

22 repos

https://github.com/Ar05un05kau05ndal/2025-1

https://github.com/chhhd/CVE-2025-1974

https://github.com/0xBingo/CVE-2025-1974

https://github.com/tuladhar/ingress-nightmare

https://github.com/Rickerd12/exploit-cve-2025-1974

https://github.com/Esonhugh/ingressNightmare-CVE-2025-1974-exps

https://github.com/m-q-t/ingressnightmare-detection-poc

https://github.com/zulloper/CVE-2025-1974

https://github.com/dttuss/IngressNightmare-RCE-POC

https://github.com/salt318/CVE-2025-1974

https://github.com/Rubby2001/CVE-2025-1974-go

https://github.com/rjhaikal/POC-IngressNightmare-CVE-2025-1974

https://github.com/lufeirider/IngressNightmare-PoC

https://github.com/yoshino-s/CVE-2025-1974

https://github.com/hi-unc1e/CVE-2025-1974-poc

https://github.com/B1ack4sh/Blackash-CVE-2025-1974

https://github.com/yanmarques/CVE-2025-1974

https://github.com/gian2dchris/ingress-nightmare-poc

https://github.com/hakaioffsec/IngressNightmare-PoC

https://github.com/abrewer251/CVE-2025-1974_IngressNightmare_PoC

https://github.com/sandumjacob/IngressNightmare-POCs

https://github.com/zwxxb/CVE-2025-1974

kubesploit@learnk8s.news at 2025-06-26T18:06:02.000Z ##

ingress-nginx CVE-2025-1974 vulnerability allows unauthenticated remote access to its admission controller, enabling full Kubernetes cluster takeover via RCE

Mitigation requires urgent patching, network hardening, and audit log inspection

ku.bz/Vb7mRcxpQ

##

CVE-2024-6839
(4.3 MEDIUM)

EPSS: 0.05%

updated 2025-03-20T10:15:33.743000

1 posts

corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific ones when matching paths, which can lead to less restrictive CORS policies being applied to sensitive endpoints. This mismatch in regex pattern priority allows unauthorized cross-origin access to sensitive data or functionality, potentially ex

mmguero@infosec.exchange at 2025-06-23T16:36:25.000Z ##

Malcolm v25.06.0 includes a some new and oft-requested features, bug fixes, and component version bumps.

Compare v25.05.0 to v25.06.0

NOTE: As this Malcolm release enables the OpenSearch Security Plugin as described below, even inter-container access to OpenSearch must now be authenticated when using Malcolm's embedded OpenSearch instance. To accomplish this, an internal-use-only account and password is used for connecting to OpenSearch by Malcolm's other components as needed. This credential (saved in .opensearch.primary.curlrc in the Malcolm installation directory) needs to be generated before Malcolm starts up the first time after upgrading. To do so, please run ./scripts/auth_setup and select (Re)generate internal passwords for local primary OpenSearch instance. This credential is only used internally for OpenSearch and cannot be used to remotely access Malcolm.

  • ✨ Features and enhancements
    • This release adds role-based access control (RBAC) to Malcolm (cisagov/Malcolm#460).
      • Malcolm's RBAC feature is based on Keycloak realm roles and is implemented in to layers:
        1. Whenever possible, Malcolm's backend Keycloak realm roles are mapped to the roles/groups/permissions features provided by the components that make up Malcolm (see release notes for details)
        2. For other Malcolm components that don't implement their own permission management systems, Malcolm handles the enforcement roles based on request URIs in its NGINX proxy layer.
      • This is an optional feature. RBAC is only available when the authentication method is keycloak or keycloak_remote. With other authentication methods such as HTTP basic or LDAP, or when RBAC is disabled, all Malcolm users effectively have administrator privileges.
      • Because the OpenSearch Security Plugin requires TLS even internally, Malcolm's internal connections to the embedded OpenSearch instance, when used, are now all performed over HTTPS. However, this is all handled internally and should not behave or appear different to the user than it did in previous versions.
      • See the role-based access control documentation for more information on this feature.
    • Malcolm's embedded KeyCloak instance now automatically creates and configures the default client by ID, if specified in ./config/keycloak.env.
    • Allow user to specify subnet filters for NetBox autopopulation (cisagov/Malcolm#634)
      • This feature is especially useful for excluding dynamic address ranges such as those used by DHCP, which should generally not trigger autopopulation in NetBox. Since these addresses can change frequently and aren't tied to specific devices, including them could result in inaccurate or noisy inventory data. By fine-tuning which private subnets are included or excluded, users can ensure that only meaningful, typically static assignments are autopopulated.
    • Expose init arguments for Arkime's db.pl and also use them for Malcolm's creation of its own index templates (cisagov/Malcolm#692)
    • Extend Zeek's intel.log with additional fields using corelight/ExtendIntel (part 1) (cisagov/Malcolm#502)
      • This integrates the corelight/ExtendIntel plugin into Malcolm internally but does not significantly change how Malcolm presents intel.log to the user. Further work to do so will be continued in cisagov/Malcolm#695.
    • Some internal tweaks to the PCAP processing pipeline that are going to be leveraged by the Malcolm-Helm project (idaholab/Malcolm#630)
    • Handle a fix in the ICSNPP OPCUA-Binary plugin that adds a new sec_token_id field (cisagov/icsnpp-opcua-binary#101)
    • Moved the configuration for Zeek's use of the zeek-kafka plugin to its own file (kafka.zeek) to make it easier to override in Docker using a volume bind mount or in K8s using a configMap.
    • Changed some internal objects used for NetBox enrichment caching from Ruby's Concurrent::Hash to Concurrent::Map for better performance
    • Minor improvements to the icons, shortcuts, and convenience bash functions in the ISO-installed Malcolm desktop environment
    • NGINX now generates a robots.txt file to avoid web crawlers
  • ✅ Component version updates
  • 🐛 Bug fixes
    • NetBox autodiscovery no longer populating host name from DNS, DHCP, NTLM (regression, cisagov/Malcolm#699)
    • documentation served at /readme is trying to pull fonts from use.fontawesome.com (cisagov/Malcolm#694)
    • support fractional gigabytes correctly when generating Arkime's config.ini setting maxFileSizeG from PCAP_ROTATE_MEGABYTES
    • Improved logstash filters that calculate unique hashes used as document IDs for Zeek and Suricata logs to better prevent duplicate logs from being written to the document store
  • 🧹 Code and project maintenance
    • Tweaked some code comments and documentation to bring the cisagov and idaholab repos into harmony.
    • Documentation improvements
    • Removed some unused files and outdated comments

Malcolm is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻‍♀️.

Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, Podman 🦭, and Kubernetes ⎈. Check out the Quick Start guide for examples on how to get up and running.

Alternatively, dedicated official ISO installer images 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's releases page on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (release_cleaver.sh) and PowerShell 🪟 (release_cleaver.ps1). See Downloading Malcolm - Installer ISOs for instructions.

As always, join us on the Malcolm discussions board 💬 to engage with the community, or pop some corn 🍿 and watch a video 📼.

#Malcolm #HedgehogLinux #rbac #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL #DHS #CISA #CISAgov

##

CVE-2025-1767
(6.5 MEDIUM)

EPSS: 0.04%

updated 2025-03-14T17:30:07

1 posts

A security vulnerability was discovered in Kubernetes that could allow a user with create pod permission to exploit gitRepo volumes to access local git repositories belonging to other pods on the same node. This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has be

kubesploit@learnk8s.news at 2025-06-24T18:06:03.000Z ##

This post analyzes CVE-2025-1767, a Kubernetes vulnerability where gitRepo volumes let pods clone any host-local Git repo if the attacker knows the path

ku.bz/CDGd1YFlx

##

CVE-2023-28771
(9.8 CRITICAL)

EPSS: 94.35%

updated 2025-03-13T16:16:59.950000

3 posts

Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device.

2 repos

https://github.com/benjaminhays/CVE-2023-28771-PoC

https://github.com/getdrive/PoC

CVE-2022-22965
(9.8 CRITICAL)

EPSS: 94.46%

updated 2025-01-29T18:38:40

1 posts

Spring Framework prior to versions 5.2.20 and 5.3.18 contains a remote code execution vulnerability known as `Spring4Shell`. ## Impact A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot ex

Nuclei template

99 repos

https://github.com/D1mang/Spring4Shell-CVE-2022-22965

https://github.com/itsecurityco/CVE-2022-22965

https://github.com/4nth0ny1130/spring4shell_behinder

https://github.com/p1ckzi/CVE-2022-22965

https://github.com/khidottrivi/CVE-2022-22965

https://github.com/fransvanbuul/CVE-2022-22965-susceptibility

https://github.com/reznok/Spring4Shell-POC

https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main

https://github.com/irgoncalves/f5-waf-enforce-sig-Spring4Shell

https://github.com/mariomamo/CVE-2022-22965

https://github.com/twseptian/cve-2022-22965

https://github.com/ajith737/Spring4Shell-CVE-2022-22965-POC

https://github.com/datawiza-inc/spring-rec-demo

https://github.com/Loneyers/Spring4Shell

https://github.com/west-wind/Spring4Shell-Detection

https://github.com/DanielFEXKEX/CVE-Scanner

https://github.com/alt3kx/CVE-2022-22965

https://github.com/t3amj3ff/Spring4ShellPoC

https://github.com/cxzero/CVE-2022-22965-spring4shell

https://github.com/delyee/Spring4Shell

https://github.com/Snip3R69/spring-shell-vuln

https://github.com/0xrobiul/CVE-2022-22965

https://github.com/AabyssZG/SpringBoot-Scan

https://github.com/fracturelabs/go-scan-spring

https://github.com/Kirill89/CVE-2022-22965-PoC

https://github.com/guigui237/Expoitation-de-la-vuln-rabilit-CVE-2022-22965

https://github.com/gpiechnik2/nmap-spring4shell

https://github.com/Mr-xn/spring-core-rce

https://github.com/jschauma/check-springshell

https://github.com/xsxtw/SpringFramework_CVE-2022-22965_RCE

https://github.com/snicoll-scratches/spring-boot-cve-2022-22965

https://github.com/0xr1l3s/CVE-2022-22965

https://github.com/ZapcoMan/spring4shell-vulnerable-application

https://github.com/XuCcc/VulEnv

https://github.com/LudovicPatho/CVE-2022-22965_Spring4Shell

https://github.com/TheGejr/SpringShell

https://github.com/LucasPDiniz/CVE-2022-22965

https://github.com/mebibite/springhound

https://github.com/Omaraitbenhaddi/-Spring4Shell-CVE-2022-22965-

https://github.com/BKLockly/CVE-2022-22965

https://github.com/daniel0x00/Invoke-CVE-2022-22965-SafeCheck

https://github.com/Qualys/spring4scanwin

https://github.com/dbgee/Spring4Shell

https://github.com/devengpk/CVE-2022-22965

https://github.com/helsecert/CVE-2022-22965

https://github.com/Enokiy/spring-RCE-CVE-2022-22965

https://github.com/sinjap/spring4shell

https://github.com/sunnyvale-it/CVE-2022-22965-PoC

https://github.com/c33dd/CVE-2022-22965

https://github.com/wshon/spring-framework-rce

https://github.com/irgoncalves/irule-cve-2022-22965

https://github.com/bL34cHig0/Telstra-Cybersecurity-Virtual-Experience-

https://github.com/likewhite/CVE-2022-22965

https://github.com/tpt11fb/SpringVulScan

https://github.com/Joe1sn/CVE-2022-22965

https://github.com/SecNN/SpringFramework_CVE-2022-22965_RCE

https://github.com/GuayoyoCyber/CVE-2022-22965

https://github.com/jakabakos/CVE-2022-22965-Spring4Shell

https://github.com/luoqianlin/CVE-2022-22965

https://github.com/colincowie/Safer_PoC_CVE-2022-22965

https://github.com/kh4sh3i/Spring-CVE

https://github.com/mwojterski/cve-2022-22965

https://github.com/c4mx/CVE-2022-22965_PoC

https://github.com/DDuarte/springshell-rce-poc

https://github.com/ESSAFAR/Firewall-Rules

https://github.com/khulnasoft-lab/awesome-security

https://github.com/zer0yu/CVE-2022-22965

https://github.com/CalumHutton/CVE-2022-22965-PoC_Payara

https://github.com/alt3kx/CVE-2022-22965_PoC

https://github.com/clemoregan/SSE4-CVE-2022-22965

https://github.com/te5t321/Spring4Shell-CVE-2022-22965.py

https://github.com/FourCoreLabs/spring4shell-exploit-poc

https://github.com/Aur3ns/Block-Spring4Shell

https://github.com/tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce

https://github.com/iloveflag/Fast-CVE-2022-22965

https://github.com/zangcc/CVE-2022-22965-rexbb

https://github.com/rwincey/spring4shell-CVE-2022-22965

https://github.com/fracturelabs/spring4shell_victim

https://github.com/viniciuspereiras/CVE-2022-22965-poc

https://github.com/gokul-ramesh/Spring4Shell-PoC-exploit

https://github.com/netcode/Spring4shell-CVE-2022-22965-POC

https://github.com/brunoh6/web-threat-mitigation

https://github.com/wikiZ/springboot_CVE-2022-22965

https://github.com/BobTheShoplifter/Spring4Shell-POC

https://github.com/me2nuk/CVE-2022-22965

https://github.com/anair-it/springshell-vuln-POC

https://github.com/HackJava/Spring

https://github.com/nu0l/CVE-2022-22965

https://github.com/ClemExp/CVE-2022-22965-PoC

https://github.com/sohamsharma966/Spring4Shell-CVE-2022-22965

https://github.com/e21-AS/telstra-cybersecurity-experience

https://github.com/Wrin9/CVE-2022-22965

https://github.com/wjl110/CVE-2022-22965_Spring_Core_RCE

https://github.com/Bouquets-ai/CVE-2022-22965-GUItools

https://github.com/jashan-lefty/Spring4Shell

https://github.com/k3rwin/spring-core-rce

https://github.com/lcarea/CVE-2022-22965

https://github.com/WuliRuler/SBSCAN

https://github.com/liangyueliangyue/spring-core-rce

malmoeb@infosec.exchange at 2025-06-22T17:18:19.000Z ##

An attacker downloaded a freely available webshell from GitHub and stored it under the installation path of the legitimate SAP installation in the recent SAP Visual Composer exploitation, "disguised" as a PHPMyAdmin file (see image).

The code itself is relatively simple, accepting a base64-encoded class via HTTP on a specified parameter, to dynamically load and run that class.

That type of Webshell, from the AntSwordProject [1], was also named by Mandiant last year in conjunction with an investigated APT41 intrusion, as well as in some reports from PaloAlto [2,3,4].

Given that most Linux servers are not equipped with an EDR or an AV, how would you detect such a webshell on your servers? The curated YARA rule from Florian Roth is a good starting point for hunting through your web and application folders to find hidden malicious files. [5] Velociraptor's Yara artifact is one example of how to accomplish this.

[1] github.com/AntSwordProject
[2] cloud.google.com/blog/topics/t
[3] unit42.paloaltonetworks.com/cv
[4] unit42.paloaltonetworks.com/ac
[5] raw.githubusercontent.com/Neo2

##

CVE-2025-0056
(6.0 MEDIUM)

EPSS: 0.02%

updated 2025-01-14T03:31:48

2 posts

SAP GUI for Java saves user input on the client PC to improve usability. An attacker with administrative privileges or access to the victim�s user directory on the Operating System level would be able to read this data. Depending on the user input provided in transactions, the disclosed data could range from non-critical data to highly sensitive data, causing high impact on confidentiality of the

jbhall56@infosec.exchange at 2025-06-26T12:14:02.000Z ##

The vulnerabilities, tracked as CVE-2025-0055 and CVE-2025-0056 (CVSS scores: 6.0), were patched by SAP as part of its monthly updates for January 2025. thehackernews.com/2025/06/citr

##

AAKL@infosec.exchange at 2025-06-25T15:01:50.000Z ##

These have been patched.

Pathlock: Responsible Disclosure: Vulnerabilities in SAP GUI Client (CVE-2025-0056 & CVE-2025-0055) pathlock.com/blog/security-ale

More:

The Hacker News: Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure thehackernews.com/2025/06/citr @thehackernews #cybersecurity #Infosec #Windows #Java

##

CVE-2025-0055
(6.0 MEDIUM)

EPSS: 0.02%

updated 2025-01-14T03:31:48

2 posts

SAP GUI for Windows stores user input on the client PC to improve usability. Under very specific circumstances an attacker with administrative privileges or access to the victim�s user directory on the Operating System level would be able to read this data. Depending on the user input provided in transactions, the disclosed data could range from non-critical data to highly sensitive data, causing

jbhall56@infosec.exchange at 2025-06-26T12:14:02.000Z ##

The vulnerabilities, tracked as CVE-2025-0055 and CVE-2025-0056 (CVSS scores: 6.0), were patched by SAP as part of its monthly updates for January 2025. thehackernews.com/2025/06/citr

##

AAKL@infosec.exchange at 2025-06-25T15:01:50.000Z ##

These have been patched.

Pathlock: Responsible Disclosure: Vulnerabilities in SAP GUI Client (CVE-2025-0056 & CVE-2025-0055) pathlock.com/blog/security-ale

More:

The Hacker News: Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure thehackernews.com/2025/06/citr @thehackernews #cybersecurity #Infosec #Windows #Java

##

CVE-2019-6693
(6.5 MEDIUM)

EPSS: 76.49%

updated 2024-04-11T21:02:46

2 posts

Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set).

3 repos

https://github.com/gquere/CVE-2019-6693

https://github.com/synacktiv/CVE-2020-9289

https://github.com/saladandonionrings/cve-2019-6693

AAKL@infosec.exchange at 2025-06-25T17:03:57.000Z ##

New.

CISA has added to the KEV catalogue. The usual suspects are back.

- CVE-2024-54085: AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability cve.org/CVERecord?id=CVE-2024-

- CVE-2024-0769: D-Link DIR-859 Router Path Traversal Vulnerability cve.org/CVERecord?id=CVE-2024-

- CVE-2019-6693: Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability cve.org/CVERecord?id=CVE-2019- #cybersecurity #CISA #infosec

##

cisakevtracker@mastodon.social at 2025-06-25T17:00:52.000Z ##

CVE ID: CVE-2019-6693
Vendor: Fortinet
Product: FortiOS
Date Added: 2025-06-25
Notes: fortiguard.com/advisory/FG-IR- ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2023-36934
(9.1 CRITICAL)

EPSS: 91.69%

updated 2024-04-04T05:23:52

2 posts

In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to a MO

Nuclei template

LMGsecurity at 2025-06-30T13:51:47.837Z ##

New mass scanning activity may be the first step in another MOVEit attack.

Hackers are actively scanning the internet for exposed MOVEit systems—hundreds of unique IPs every day—suggesting the early stages of coordinated exploitation.

Threat intel firm GreyNoise warns this is the same pattern seen weeks before past mass attacks. Known MOVEit vulnerabilities, such as CVE-2023-34362 and CVE-2023-36934, are already being tested in the wild.

If your MOVEit Transfer instance is online and unmonitored, you may already be on an attacker’s target list.

Now’s the time to:
• Patch all known MOVEit vulnerabilities
• Limit public-facing access
• Monitor for scan activity and open ports
• Block IPs identified by threat intelligence feeds
• Harden file transfer environments and deploy honeypots if needed

Scanning isn’t random—it’s reconnaissance. Act now before scanning turns into breach.

Read the article for details: cuinfosecurity.com/scans-probi

##

LMGsecurity@infosec.exchange at 2025-06-30T13:51:47.000Z ##

New mass scanning activity may be the first step in another MOVEit attack.

Hackers are actively scanning the internet for exposed MOVEit systems—hundreds of unique IPs every day—suggesting the early stages of coordinated exploitation.

Threat intel firm GreyNoise warns this is the same pattern seen weeks before past mass attacks. Known MOVEit vulnerabilities, such as CVE-2023-34362 and CVE-2023-36934, are already being tested in the wild.

If your MOVEit Transfer instance is online and unmonitored, you may already be on an attacker’s target list.

Now’s the time to:
• Patch all known MOVEit vulnerabilities
• Limit public-facing access
• Monitor for scan activity and open ports
• Block IPs identified by threat intelligence feeds
• Harden file transfer environments and deploy honeypots if needed

Scanning isn’t random—it’s reconnaissance. Act now before scanning turns into breach.

Read the article for details: cuinfosecurity.com/scans-probi

#MOVEit #Cybersecurity #MassScanning #ThreatIntel #AttackSurface #LMGSecurity #Infosec #ITsecurity #databreach #CISO #DFIR #pentesting #pentest #penetrationtesting

##

CVE-2023-34362
(9.8 CRITICAL)

EPSS: 94.48%

updated 2024-04-04T04:29:06

2 posts

In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an

Nuclei template

11 repos

https://github.com/horizon3ai/CVE-2023-34362

https://github.com/sfewer-r7/CVE-2023-34362

https://github.com/toorandom/moveit-payload-decrypt-CVE-2023-34362

https://github.com/Malwareman007/CVE-2023-34362

https://github.com/kenbuckler/MOVEit-CVE-2023-34362

https://github.com/deepinstinct/MOVEit_CVE-2023-34362_IOCs

https://github.com/Chinyemba-ck/MOVEit-CVE-2023-34362

https://github.com/glen-pearson/MoveIT-CVE-2023-34362-RCE

https://github.com/lithuanian-g/cve-2023-34362-iocs

https://github.com/aditibv/MOVEit-CVE-2023-34362

https://github.com/errorfiathck/MOVEit-Exploit

LMGsecurity at 2025-06-30T13:51:47.837Z ##

New mass scanning activity may be the first step in another MOVEit attack.

Hackers are actively scanning the internet for exposed MOVEit systems—hundreds of unique IPs every day—suggesting the early stages of coordinated exploitation.

Threat intel firm GreyNoise warns this is the same pattern seen weeks before past mass attacks. Known MOVEit vulnerabilities, such as CVE-2023-34362 and CVE-2023-36934, are already being tested in the wild.

If your MOVEit Transfer instance is online and unmonitored, you may already be on an attacker’s target list.

Now’s the time to:
• Patch all known MOVEit vulnerabilities
• Limit public-facing access
• Monitor for scan activity and open ports
• Block IPs identified by threat intelligence feeds
• Harden file transfer environments and deploy honeypots if needed

Scanning isn’t random—it’s reconnaissance. Act now before scanning turns into breach.

Read the article for details: cuinfosecurity.com/scans-probi

##

LMGsecurity@infosec.exchange at 2025-06-30T13:51:47.000Z ##

New mass scanning activity may be the first step in another MOVEit attack.

Hackers are actively scanning the internet for exposed MOVEit systems—hundreds of unique IPs every day—suggesting the early stages of coordinated exploitation.

Threat intel firm GreyNoise warns this is the same pattern seen weeks before past mass attacks. Known MOVEit vulnerabilities, such as CVE-2023-34362 and CVE-2023-36934, are already being tested in the wild.

If your MOVEit Transfer instance is online and unmonitored, you may already be on an attacker’s target list.

Now’s the time to:
• Patch all known MOVEit vulnerabilities
• Limit public-facing access
• Monitor for scan activity and open ports
• Block IPs identified by threat intelligence feeds
• Harden file transfer environments and deploy honeypots if needed

Scanning isn’t random—it’s reconnaissance. Act now before scanning turns into breach.

Read the article for details: cuinfosecurity.com/scans-probi

#MOVEit #Cybersecurity #MassScanning #ThreatIntel #AttackSurface #LMGSecurity #Infosec #ITsecurity #databreach #CISO #DFIR #pentesting #pentest #penetrationtesting

##

CVE-2024-0769
(5.3 MEDIUM)

EPSS: 75.56%

updated 2024-01-21T09:30:39

2 posts

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. It has been rated as critical. Affected by this issue is some unknown functionality of the file /hedwig.cgi of the component HTTP POST Request Handler. The manipulation of the argument service with the input ../../../../htdocs/webinc/getcfg/DHCPS6.BRIDGE-1.xml leads to path traversal. The attack may be launched re

AAKL@infosec.exchange at 2025-06-25T17:03:57.000Z ##

New.

CISA has added to the KEV catalogue. The usual suspects are back.

- CVE-2024-54085: AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability cve.org/CVERecord?id=CVE-2024-

- CVE-2024-0769: D-Link DIR-859 Router Path Traversal Vulnerability cve.org/CVERecord?id=CVE-2024-

- CVE-2019-6693: Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability cve.org/CVERecord?id=CVE-2019- #cybersecurity #CISA #infosec

##

cisakevtracker@mastodon.social at 2025-06-25T17:01:07.000Z ##

CVE ID: CVE-2024-0769
Vendor: D-Link
Product: DIR-859 Router
Date Added: 2025-06-25
Notes: supportannouncement.us.dlink.c ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2021-40444
(7.8 HIGH)

EPSS: 94.29%

updated 2024-01-06T05:06:00

1 posts

Microsoft MSHTML Remote Code Execution Vulnerability

42 repos

https://github.com/k4k4/CVE-2021-40444-Sample

https://github.com/aslitsecurity/CVE-2021-40444_builders

https://github.com/aydianosec/CVE2021-40444

https://github.com/fengjixuchui/CVE-2021-40444-docx-Generate

https://github.com/skitkat/CVE-2021-40444-POC

https://github.com/kal1gh0st/CVE-2021-40444_CAB_archives

https://github.com/tiagob0b/CVE-2021-40444

https://github.com/DarkSprings/CVE-2021-40444

https://github.com/k8gege/CVE-2021-40444

https://github.com/LazarusReborn/Docx-Exploit-2021

https://github.com/rfcxv/CVE-2021-40444-POC

https://github.com/Phuong39/CVE-2021-40444-CAB

https://github.com/basim-ahmad/Follina-CVE-and-CVE-2021-40444

https://github.com/klezVirus/CVE-2021-40444

https://github.com/Immersive-Labs-Sec/cve-2021-40444-analysis

https://github.com/nvchungkma/CVE-2021-40444-Microsoft-Office-Word-Remote-Code-Execution-

https://github.com/hqdat809/CVE-2021-40444

https://github.com/lisinan988/CVE-2021-40444-exp

https://github.com/vysecurity/CVE-2021-40444

https://github.com/H0j3n/CVE-2021-40444

https://github.com/RedLeavesChilde/CVE-2021-40444

https://github.com/bambooqj/CVE-2021-40444_EXP_JS

https://github.com/34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit

https://github.com/lockedbyte/CVE-2021-40444

https://github.com/jamesrep/cve-2021-40444

https://github.com/metehangenel/MSHTML-CVE-2021-40444

https://github.com/khoaduynu/CVE-2021-40444

https://github.com/Zeop-CyberSec/word_mshtml

https://github.com/Alexcot25051999/CVE-2021-40444

https://github.com/Jeromeyoung/MSHTMHell

https://github.com/kagura-maru/CVE-2021-40444-POC

https://github.com/Edubr2020/CVE-2021-40444--CABless

https://github.com/Ascotbe/Kernelhub

https://github.com/W1kyri3/Exploit-PoC-CVE-2021-40444-inject-ma-doc-vao-docx

https://github.com/InfoSecPolkCounty/CVE2021-40444-document-Scanner

https://github.com/MRacumen/CVE-2021-40444

https://github.com/mansk1es/Caboom

https://github.com/MohamedAboHelal/CVE-2021-40444

https://github.com/ozergoker/CVE-2021-40444

https://github.com/Jeromeyoung/TIC4301_Project

https://github.com/winstxnhdw/CVE-2022-30190

https://github.com/KnoooW/CVE-2021-40444-docx-Generate

linux@activitypub.awakari.com at 2025-06-24T07:43:34.000Z ## Inside the MSHTML Exploit: A SOC Analyst’s Walkthrough of CVE-2021–40444 June 2025 • by a SOC Analyst | Threat Hunting | Malware Analysis ⚠️ Introduction In this post, we take you throug...

#malware-analysis #malware-protection #blue-team #cybersecurity #cyberattack

Origin | Interest | Match ##

CVE-2025-47812
(0 None)

EPSS: 0.00%

2 posts

N/A

CVE-2025-52562
(0 None)

EPSS: 1.48%

2 posts

N/A

cR0w at 2025-06-30T19:01:17.528Z ##

Oh my. Perfect 10 ../ in a KVM server management panel.

github.com/ConvoyPanel/panel/s

sev:CRIT 10.0 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Convoy is a KVM server management panel for hosting businesses. In versions 3.9.0-rc3 to before 4.4.1, there is a directory traversal vulnerability in the LocaleController component of Performave Convoy. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious locale and namespace parameters. This allows the attacker to include and execute arbitrary PHP files on the server. This issue has been patched in version 4.4.1. A temporary workaround involves implementing strict Web Application Firewall (WAF) rules to incoming requests targeting the vulnerable endpoints.

nvd.nist.gov/vuln/detail/CVE-2

##

cR0w@infosec.exchange at 2025-06-30T19:01:17.000Z ##

Oh my. Perfect 10 ../ in a KVM server management panel.

github.com/ConvoyPanel/panel/s

sev:CRIT 10.0 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Convoy is a KVM server management panel for hosting businesses. In versions 3.9.0-rc3 to before 4.4.1, there is a directory traversal vulnerability in the LocaleController component of Performave Convoy. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious locale and namespace parameters. This allows the attacker to include and execute arbitrary PHP files on the server. This issue has been patched in version 4.4.1. A temporary workaround involves implementing strict Web Application Firewall (WAF) rules to incoming requests targeting the vulnerable endpoints.

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-53094
(0 None)

EPSS: 0.04%

2 posts

N/A

cR0w at 2025-06-30T14:03:27.692Z ##

I know a bunch of you nerds like playing with ESP32s, etc.

sev:HIGH 8.7 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

ESPAsyncWebServer is an asynchronous HTTP and WebSocket server library for ESP32, ESP8266, RP2040 and RP2350. In versions up to and including 3.7.8, a CRLF (Carriage Return Line Feed) injection vulnerability exists in the construction and output of HTTP headers within AsyncWebHeader.cpp. Unsanitized input allows attackers to inject CR (\r) or LF (\n) characters into header names or values, leading to arbitrary header or response manipulation. Manipulation of HTTP headers and responses can enable a wide range of attacks, making the severity of this vulnerability high. A fix is available at pull request 211 and is expected to be part of version 3.7.9.

nvd.nist.gov/vuln/detail/CVE-2

##

cR0w@infosec.exchange at 2025-06-30T14:03:27.000Z ##

I know a bunch of you nerds like playing with ESP32s, etc.

sev:HIGH 8.7 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

ESPAsyncWebServer is an asynchronous HTTP and WebSocket server library for ESP32, ESP8266, RP2040 and RP2350. In versions up to and including 3.7.8, a CRLF (Carriage Return Line Feed) injection vulnerability exists in the construction and output of HTTP headers within AsyncWebHeader.cpp. Unsanitized input allows attackers to inject CR (\r) or LF (\n) characters into header names or values, leading to arbitrary header or response manipulation. Manipulation of HTTP headers and responses can enable a wide range of attacks, making the severity of this vulnerability high. A fix is available at pull request 211 and is expected to be part of version 3.7.9.

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-1234
(0 None)

EPSS: 0.00%

1 posts

N/A

undercodenews@mastodon.social at 2025-06-29T17:09:03.000Z ##

Thousands of Servers Still Vulnerable to Apache Struts RCE CVE-2025-1234

If you use Apache Airflow with Snowflake, assume you’re at risk until proven otherwise. 🛑 HOW THE EXPLOIT WORKS The vulnerability (CVE-2025-XXXXX) lets attackers inject malicious SQL through: Unsanitized stage names (@'attackers_stage') Unfiltered table parameters in CopyFromExternalStageToSnowflakeOperator Example attack payload: COPY INTO payroll_data FROM @'hacker_stage'PATTERN = '.'…

undercodenews.com/thousands-of

##

CVE-2024-21969
(0 None)

EPSS: 0.00%

1 posts

N/A

AAKL@infosec.exchange at 2025-06-24T15:06:47.000Z ##

AMD posted this yesterday, relating to CVE-2024-21969: "Improper clearing of GPU registers could allow a malicious shader to read left-over pixel data leading to loss of confidentiality."

AMD: Uninitialized GPU Register Access, medium severity amd.com/en/resources/product-s #cybersecurity #infosec #AMD

##

_r_netsec@infosec.exchange at 2025-06-24T14:13:06.000Z ##

Remote code execution in CentOS Web Panel - CVE-2025-48703 fenrisk.com/rce-centos-webpanel

##

swapgs@infosec.exchange at 2025-06-24T09:35:36.000Z ##

Pre-auth RCE in CentOS Web Panel (CVE-2025-48703) found by the friends at Fenrisk. This is beyond madness that Shodan finds 200k of these exposed publicly.

(this post is sponsored by strace®, because no one cares about ionCube)

fenrisk.com/rce-centos-webpanel

##

CVE-2025-52566
(0 None)

EPSS: 0.01%

1 posts

N/A

LLMs@activitypub.awakari.com at 2025-06-24T05:43:09.000Z ## CVE-2025-52566 - LLama Heap Overflow Vulnerability CVE ID : CVE-2025-52566 Published : June 24, 2025, 4:15 a.m. | 58 minutes ago Description : llama.cpp is an inference of several LLM models in C/...


Origin | Interest | Match ##

CVE-2025-6018
(0 None)

EPSS: 0.00%

2 posts

N/A

technotenshi@infosec.exchange at 2025-06-23T20:52:54.000Z ##

Two new Linux flaws (CVE-2025-6018, CVE-2025-6019) allow local attackers to escalate to root via PAM misconfig and udisks. Exploits confirmed on Ubuntu, Fedora, Debian. Admins urged to patch immediately.

bleepingcomputer.com/news/linu

#Linux #LPE #Infosec #Vulnerability

##

gtronix@infosec.exchange at 2025-06-20T23:00:18.000Z ##

New critical Linux flaws let attackers escalate to root via PAM and udisks vulnerabilities

The first, CVE-2025-6018, impactsopenSUSE Leap 15andSUSE Linux Enterprise 15. The Qualys Threat Research Unit has disclosed two linked local privilege escalation vulnerabilities which affect a broad range ofLinuxsystems.

alternativeto.net/news/2025/6/

#Linux

##

CVE-2025-52464
(0 None)

EPSS: 0.06%

1 posts

N/A

beyondmachines1@infosec.exchange at 2025-06-23T15:01:24.000Z ##

Critical cryptographic flaw in Meshtastic Mesh Networking platform exposes private communications

Meshtastic, an open-source mesh networking solution for off-grid communication, has patched a critical vulnerability (CVE-2025-52464) that allowed attackers to decrypt private messages and hijack remote device administration due to identical cryptographic keys being shipped by manufacturers and poor randomness initialization. Users are urged to update to firmware version 2.6.11 or later and perform factory resets to eliminate potentially compromised keys.

**If you have Meshtastic devices, check the firmware. If it's 2.5.0 and above, it's very wise to update to firmware version 2.6.11 or later. Because attackers can read your private messages and take control of your devices. If possible, patch directly or reach out to your device manufacturer for a patch. After updating, perform a factory reset using "meshtastic --factory-reset-device" to clean up the old and potentially compromised encryption keys.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

Visit counter For Websites